So you’ve solved your physical access problems, and you’ve convinced your users to a) not take candy from strangers in email, b) not leave personally identifying data lying around online, and c) exert positive physical control over their laptops, PDAs and other electronic gizmos. You are now the reigning guru of security in your organization.

Answer this question: What happens to your data when systems are decommissioned? Do you know? Do you want to know? All the data we’ve been talking about keeping secure, where does it go?

Let’s talk about the machines themselves. Generally, three things can happen to machines:

  • They get repurposed. The boss gets the latest toy, her assistant gets the previous latest toy, and the file clerk gets the assistant’s old system.
  • They get repositioned. The boss takes the old toy home for the kids, and gets the new one for the office. The assistant and the file clerk are out of luck.
  • They get recycled either internally or externally. Internal recycling means email is sent to the company, and whoever wants/needs it based on some criteria comes and gets it.

    External recycling occurs when the machine is donated to schools, charities, or simply carted off by an entity unaffiliated with the company. This may be a contract disposal company or the janitor. The important part is you have no way of knowing where it ends up.

When machines are repurposed, you might think the data hasn’t “really” changed hands. This is simply not true. Sure, the assistant works for the boss, is the boss’s right hand, knows everything necessary to keep things running smoothly and to keep the boss out of trouble. But there’s an old adage that applies here: just because I taught you everything you know doesn’t mean I taught you everything I know.

Just because the assistant is familiar with the majority of the material on his department head’s computer doesn’t mean he has any reason to have access to the rest of it. Additionally, the boss probably has information he emphatically doesn’t want his subordinate to have.

Performance evaluations, pay structures and personal business data are all excellent examples. What happens if the assistant is disgruntled?

Repositioned machines pose a different risk. You take your old business system home to let your kids install games and other applications so they can play online. Your youngest child has a completely annoying habit of clicking whatever pops up on the screen "to see where it goes."

You already know from hard, cold experience that this involves adware, spyware, viruses and all the other things you fight day in and day out at the office. Frankly, you are just too tired to deal with it at home too.

Since the kids are the only ones who use the computer (OK, you occasionally balance your checkbook and pay bills online), it’s just not that big of a deal. What about your data from the office?

Finally, the machine is recycled and some rogue from Sales takes it and disappears back into the darkness from whence he came. The next thing you know, some top-secret document even your boss doesn’t know about is all over the corporate network, and it doesn’t look good for you. You’ll eventually be vindicated, but between now and eventually is a long, long time.

Recycling a machine to the outside world? You can just imagine the threats, the pitfalls, the unemployment line you’re exposed to here. You have no control over what happens to that data after it’s been released to the general public. Just because you hire a commercial disposal firm doesn’t mean you hired an ethical one.

Looking at the Options

By now you’re having nightmares over the loss of your corporate assets in one form or another. You basically have three options: software wiping, magnetic degaussing, or, my personal favorite, physical destruction.

There are applications available that will boot your system from a CD and then overwrite the entire drive with 1’s and random letters, random characters or some combination of letters, characters and numbers. You can choose from DOD, paranoid, German, Russian, Schneier or 8-way random overwrite schemes, based on your level of risk.

A modest-sized hard drive (40 GB) takes approximately 36 hours to wipe using the lowest setting. Clearly this is not scalable. Additionally, you can’t pipeline the process without multiple copies of the software.
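
The multi-pass overwrite described above, sketched in Python as an added example (not code from this article or from any wiping product): it runs a constructed three-pass scheme over a disk image file, verifies each pass by read-back, and estimates wall-clock time per drive. The function names, the scheme and the use of an image file in place of a raw drive are assumptions.

```python
import hashlib
import os

CHUNK = 1 << 20  # write and read in 1 MiB pieces

# Constructed three-pass scheme (zeros, ones, random); None means random data.
# It is an illustration, not one of the named schemes in the article.
PASSES = (b"\x00", b"\xff", None)


def _digest(f, size):
    """SHA-256 of the first `size` bytes as read back from the target."""
    f.seek(0)
    h = hashlib.sha256()
    while size:
        buf = f.read(min(CHUNK, size))
        if not buf:
            break
        h.update(buf)
        size -= len(buf)
    return h.hexdigest()


def wipe(path, passes=PASSES):
    """Overwrite every byte of `path` once per pass, verifying each pass.

    Returns a list of (pass_number, verified) tuples.
    """
    results = []
    with open(path, "r+b") as f:
        size = f.seek(0, os.SEEK_END)
        for n, pattern in enumerate(passes, 1):
            f.seek(0)
            written = hashlib.sha256()
            left = size
            while left:
                step = min(CHUNK, left)
                buf = os.urandom(step) if pattern is None else pattern * step
                f.write(buf)
                written.update(buf)
                left -= step
            f.flush()
            os.fsync(f.fileno())  # push this pass out of the OS write cache
            results.append((n, _digest(f, size) == written.hexdigest()))
    return results


def hours_to_wipe(capacity_bytes, passes, bytes_per_second, verify=True):
    """Estimated hours; a verified pass writes and then re-reads the drive."""
    io_per_pass = 2 if verify else 1
    return capacity_bytes * passes * io_per_pass / bytes_per_second / 3600
```

Overwriting a file through a filesystem does not guarantee that the old blocks on the media are overwritten, which is why wiping tools work on the entire drive rather than on individual files.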

Next, you can employ a magnetic degaussing system. You can do multiple disks at once and it takes up less room. But you have to take the drive out of the case, and there is a much larger initial expense for equipment. Degaussers can also be loud, and they make some people nervous about magnetic fields and health issues.

Physical destruction is an option if you’re going to take the drives out of the case. Gather a set of drives that need to be destroyed; have an organizational picnic (your team, division, department, site, company, whatever). Sell tickets for the opportunity to pound a hard drive into the ground with a sledgehammer. Donate the proceeds to charity, along with the carcasses now devoid of disks. Consider purchasing replacement disks as a measure of goodwill and a tax write-off. Moreover, company assets have been safeguarded.

“'Tis better to light a single candle than to curse the darkness. Although cursing the darkness is more emotionally fulfilling.”

Smashing hard drives may be emotionally fulfilling, but it’s not an efficient way to provide data security for decommissioned computer systems. You might be tempted to put drives in a box in a dark corner for later, but remember the bad guys live in a dark corner waiting for the opportunity to make off with sensitive data.

As usual, there’s no easy solution, but we have to find something workable to protect ourselves and our company’s collective assets. You may find the answer lies in more than one solution, but you won’t find the answer lies in no solution at all.