When I first began writing this piece, I realized that I would be remiss if I did not emphasize (or reemphasize) the importance of good data storage security. It is really as simple as this: if you don't want sensitive information compromised, don't store or save it to your local hard drive. However, if you aren't running a server in your environment, this may be easier said than done. You may have no choice but to store data locally. If this is the case, what do you do when your hard drive or other storage media fail to continue operating?
Hard drive failure (or any
media failure for that matter) can be disheartening to say the least. Data recovery can be a long and arduous process. But what happens to the hard drive after data recovery is complete? Do you simply throw it in the trash? If you answered "yes" you need to rethink your current process.
When a hard drive fails, this does not necessarily mean it is unreadable; even if attempts to recover data fail. For example, the drive may not be readable simply because the controller failed. However it's very possible that the hard drive platters are still good and therefore it would be possible to pull fragments of data off of them. If bank account information, customer addresses and phone numbers, or even social security numbers were stored on that drive, the data may still be accessible and that becomes an extreme liability for your business. The same goes for other types of storage media such as tape drives, CDs and DVDs, and compact
flash devices like USB thumb drives.
So as you can see, a failure doesn't always translate to data loss. As such, proper disposal of failed storage media and hardware is critical to information security. Stay tuned for Part 2 where I’ll explore common methods for proper disposal of failed storage devices and media.