Anti-virus is running on every computer in the building. Sophisticated
intrusion detection and threat analysis systems keep you apprised of any
attempts to gain access to your network. Firewalls provide a robust
perimeter, and digital rights are managed so well that no employee has
managed to sneak a file or email to a friend at a newsblog.
You’re all set. Right?
Don’t be so sure.
Sitting in the company’s basement or perhaps at the far end of the server
room is a ticking time bomb — old dust-laden servers that you’re
planning on getting rid of ”someday”. Being off the network, these
machines are no longer wrapped in your security defenses. Anyone can
access what’s inside — read your valuable records, or walk out the front
door with a harddrive containing an only slightly dated version of your
customer database.
”The obvious danger in server disposal is security,” says Jon Collins,
principal analyst for Quocirca, a UK-based industry analyst firm. ”There
are various anecdotal examples of health records turning up on auctioned
or discarded computers.”
One of the biggest security errors that IT makes, in fact, is treating
server dinosaurs without respect. They’re old, the technology is dated,
the harddrives are tiny by today’s standards, and they just don’t look as
good as that new shiny model your VAR delivered the other day. It’s hard
not to unplug it, hook up its replacement and, as an afterthought, toss
the old stuff in a dimly lit corner.
Destroy Them
Once PC’s and servers start to pile up, accountability vanishes.
Equipment can disappear and no one will ever notice. Therefore, you have
to take care of the data inside those machines as a top priority. To do
that, there are several options, all of which boil down to destroying the
disks or erasing the information on them.
Industry analysts generally recommend physicall destroying the drives…
and thus, the data inside them. And don’t hand the job off to some
flunky. Make sure you know it’s been done — even if that means doing the
job yourself.
But how exactly do you go about doing that? Do you send the systems admin
out back with a hammer and a couple of drives? And how do you know that
he actually did it?
One of the keys to disposal is that it we’re talking about precise
technology and a cost of doing business. Leaving it to an overburdened IT
staff means you are paying a high hourly rate for what will probably be
basic work. It also opens the door to employees deciding to take the old
server home, or worse, selling it on eBay.
As a result, companies have sprung up offering equipment disposal
services to large businesses. These businesses include PCDisposal.com of
Kansas City, Recycling Inc. of Toronto, and Redemtech Inc. of Columbus,
Ohio. The good ones utilize EPA-compliant disposal and recycling
processes. This involves separating out the metals, shredding them and
recycling their parts. In some cases, they even will inventory all your
hardware and software prior to disposal and provide a certificate of
destruction. Such paperwork can be vital when it comes to annual audits,
financial statements, certainty of security, and complying with
government regulations on corporate information such as HIPAA and
Sarbanes Oxley.
Scrub Them
An alternate school of thought in server disposal is to scrub the data on
the drives — either internally or via a recycler.
Most third parties in this business boast of DOD-compliant practices.
That means the disk is overwritten at least six times. Like the futility
of trying to arrive at infinity, however, the various file wipers and
scrubbers on the market may not totally erase everything.
According to security expert Peter Gutman of the Department of Computer
Science at the University of Auckland, it is effectively impossible to
sanitize storage locations by simply overwriting them, no matter how many
overwrite passes are made or what data patterns are written. So even if
data has been thoroughly overwritten, you may still be able to recover
some of it as the magnetization patterns on the hard disk surface are
often still visible. It’s generally accepted, however, that 35 passes of
overwriting is as secure as it gets.
Regardless of their thoroughness, it is probably best for IT to use a
scrubbing utility of some kind as part of the de-install process prior to
handing the server over to a recycling company. Even if the servers do
end up littering the halls for several months, a six-pass overwrite will
afford a decent level of protection.
The plus side of scrubbing is that it opens the door to reselling the
computer. Many of the large recyclers offer this option as a means of
cutting disposal costs. Whereas it might cost $100 to securely get rid of
a server, scrubbing its data and having the recycler sell if for you can
cut the bill down as low as $20.
Interestingly, some of the big recycling firms that cater to the Fortune
1,000 successfully convince large companies that their sensitive data
will remain safe even when their servers are resold. They go to great
lengths to lock down the data before they put it in their trucks, then
offer certificates of data eradication. But for some clients, they still
have to destroy the disks due to the nature of the information inside.
Another option is to make disposal the problem of the OEM — he who sells
me new equipment must get rid of the old stuff securely. Such arrangement
can be built into the tender process. The HPs and Dells of this world,
for example, have programs in place to take care of aging gear.
But it can be very expensive to destroy every platter and discard every
piece of metal in the server. Many will decide to relegate such practices
only to ultra-sensitive information. For the rest, they will make do with
scrubbing and reselling in order to recoup costs.
On the other side of the coin, though, there are conditions where it may
be more expensive to scrub. If a server has little resale value, for
example, it is typically cheaper to have all the parts physically
destroyed or recycled.
And if you are using RAID, be very careful with drive scrubbers. Due to
the mechanics of RAID arrays, some scrub technology won’t work
thoroughly. The logical mapping processes employed in RAID can actually
prevent some sectors from being overwritten. It may be necessary to
remove each drive and scrub them individually.
Server Ghosts
Unfortunately, your old server ghosts can come back to haunt you.
Like every field, server recyclers cover the gamut from the
trustworthy to the downright shady. Going for the lowest bidder might
mean that your servers may end up dumped in a landfill in a third-world
country. As they contain hazardous materials — lead-acid batteries in
UPS, for example — someone might take the time to trace the serial
number back to you. That can become a serious future liability.
”You have to pay attention to the ultimate destination of the equipment
you are scrapping,” said Collins. ”That includes the possible sweatshop
implications of computer disposal.”