Secure Hard Drive Deletion Appliance? 573
An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?
Still Risky (Score:5, Insightful)
I believe the information is secured only if it's still in your hand.
Data destruction. (Score:5, Insightful)
Uh, if the hard drive is dead (Score:5, Insightful)
The best you can do is use a degausser, since you can't open the drive without voiding your warranty.
Two Ways (Score:3, Insightful)
The second method is to set up a *nix box with some hot swap drive bays and use that (I actually prefer this method). You can find removable bays all over the place and use *nix to format the drive writing all 0s to it.
I don't think anyone makes a machine exactly like you describe, but both of these methods will do the trick. Good luck!
Re:Question Mark ... (Score:3, Insightful)
In these cases, you have to decide: is it more important that you RMA the drive (in which case, you really can't do any truely destructive to the drive physically - I think degaussing falls under that, as it wipes out the underlying sector info), or do you smash up the drive and forego the drive replacement?
BTW, if it turns out that degaussing is an accepted method of clearing the drive prior to RMA, please let me know...
Re:Data destruction. (Score:2, Insightful)
Re:Data destruction. (Score:2, Insightful)
Re:Still Risky (Score:5, Insightful)
Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted.
You are missing the point. You can wipe a fully function drive that is staying inside your organisation and be fairly sure no one will get to the deleted info. But if the drive is broken, you can't besure the drive has been fully erased. And then you are sending it off to someone outside your organisation who may decided to see what you left on it.
Also, you can always just dd
Because the drive is broken. Chances are you can't write to it.
Best bet is to keep the drives and destroy them yourselves. If you buy enough stuff you can probably get something worked out with your vendor so you get a deal on warranty replacements.
MG
The best hard-drive deletion device money can buy (Score:3, Insightful)
Re:I say... (Score:4, Insightful)
Re:Don't Destroy - Encrypt (Score:2, Insightful)
Sandpaper (Score:1, Insightful)