Some (most?) sites have a policy of "putting beyond use" storage devices/media that need to leave their data centre confines for some reason (e.g. failure-replacement, end-of-life). Simplistically, this could be via physical destruction (crushing, platter hole punching, sledgehammer, etc.) or logical (degauss, multiple data overwrite cycles, etc.), although this doesnt preclude the existence of other disposal methods.
'storage device/media' is referring to any non-volatile permanent storage, such as tape media, disk/ssd, true non-volatile disk cache, in-processor flash cards, etc. My question is, whether the move towards at-rest encryption of storage devices/media across the industry, is likely to influence a site's policy in terms of disposal? If not, then what is the perceived benefit of acquiring encryption at rest technology (as opposed to non-encrypted), beyond just an extra layer of data obfuscation as a 'just in case', especially for sites with a policy of 'crush everything'? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
