[rescue] Degaussing Drives?

[Tim H.]

On Mon, 26 Aug 2002 07:26:23 -0400
Al Potter <apotter at spankingnuns.com> wrote:

> Technically, yes.  But realistically, by whom and at what cost?
> 
> Weigh the answer to these questions against the value of the data and
> make (or ask the boss to make) a Risk Decision.

That risk decision usually involves sledgehammers, because all suits
think their data is of great value to someone.  I always just wrote a
different filesystem over the original, figuring that the recoverer at
that point has to figure out what filesystem it was originally as well,
but a lot of companies (not really, just a good percentage of companies
who actually have a policy) destroy hard drives when they are taken out
of service. This is why we have vast numbers of nice machines with drive
sleds that cost as much as the machine.

In reality, any company I have seen that actually had data worth money
still had a vast majority of disposed hard drives with nothing but
meeting schedules, screen savers, and mid-level suit's power point
presentations about efficiency of communication.  This vastly raises the
cost of recovery by the bad guy, unless he has information about which
drive came out of which machine, and what that machine did.  And most
companies move slow enough that when a server goes out of service it
sits around for a while before it is dosposed, which also greatly
decreases the chance of valuable data on the drive.  Afterall, what good
is a trade secret which has already become a patent and is available for
public viewing anyway?  Most corporate data of value has a relatively
short period of usefulness.  Now if someone had recovered the right
drive from Enron, then they could be sitting pretty right now, or else
sitting next to Martha Stewart in the dock. :-)

Tim