Oops, sorry guys, lost track of the thread and wrote too soon.
Of course! How the hell am I going to be able to sanitize a failed disk if it isn't even "seen" by the filer?
The encrypted data option is still pretty good and it brings a bunch of security benefits (and additional administration).
Otherwise, the industrial magnet sounds like great fun. I wonder what field strength and exposure time is required to guarantee a complete scramble? Hell it probably even depends on the angle that the disk platter is exposed to the magnet.
Aaron
-----Original Message----- From: Sphar, Mike [mailto:Mike_Sphar@bmc.com] Sent: Tuesday, 22 February 2005 10:41 AM To: 'Toasters' Subject: RE: Destroying failed disks
I think the question would be whether you could actually do a disk sanitize on a failed disk?
A friend of mine who works in IT for a steel company recently shared that they "sanitized" a batch of hard disks by taking them out and having them picked up by a giant crane magnet that is normally used for picking up tons of metal.
-----Original Message----- From: Hill, Aaron [mailto:aaron.hill@cba.com.au] Sent: Monday, February 21, 2005 5:03 PM To: 'Ted Weston'; John Stoffel Cc: 'Toasters' Subject: RE: Destroying failed disks
Did anyone mention the disk sanitization tool? I was told that this will run through your disk writing diagonal 0's and 1's over all the current data making it unusable.
The 6.5 Storage Admin Guide states the following;
Disk sanitization is the process of physically obliterating data by means of overwrite patterns on filer or NearStore appliance disks in a manner that precludes recovery of that data by any known recovery methods. The Data ONTAP disk sanitize feature enables you to carry out disk sanitization by using three successive byte overwrite patterns per cycle and a default six cycles per operation, in compliance with United States Department of Defense and Department of Energy security requirements.
I did read somewhere that it still may be possible to pull snippets of information off the disks using an electron microscope. I truly have no idea if this is possible or not. If your are that paranoid, it may be time to physically destroy the disks or start thinking about encrypting all of your data before it goes on the disks. If you go for the latter, read more here; http://www.netapp.com/news/print/NEWS_REL_20041026.html
Aaron
-----Original Message----- From: Ted Weston [mailto:Ted.Weston@oracle.com] Sent: Tuesday, 22 February 2005 3:08 AM To: John Stoffel Cc: 'Toasters' Subject: RE: Destroying failed disks
Thanks for the reply, John. With this solution, aren't you concerned that something relevant could appear in one of those 8k chunks that WAFL writes? Several credit card or social security numbers might be strung in there.
-t
-----Original Message----- From: John Stoffel [mailto:john.stoffel@taec.toshiba.com] Sent: Friday, February 18, 2005 10:36 AM To: Ted Weston Cc: 'Toasters' Subject: Re: Destroying failed disks
Ted> Good Morning (or afternoon/evening, depending on your location) - Ted> I'd like to conduct a quick poll on the process those of you Ted> employ to destroy failed filer hard drives. Do you use an outside Ted> service to physically destroy it, utilize something akin to Ted> 'shred -z,' or an entirely different approach?
Well, since the failed disks are shipped back to NetApp under our maint contract, we don't do anything to them. And since they're dead... all we could do is physically destroy them if we were worried about data being stolen. Not a big worry since all you'd get is snippets in random chunks, esp for bigger files.
John John Stoffel - Senior Staff Systems Administrator - System LSI Group Toshiba America Electronic Components, Inc. - http://www.toshiba.com/taec john.stoffel@taec.toshiba.com - 508-486-1087
************** IMPORTANT MESSAGE ************** This e-mail message is intended only for the addressee(s) and contains information which may be confidential. If you are not the intended recipient please advise the sender by return email, do not use or disclose the contents, and delete the message and any attachments from your system. Unless specifically indicated, this email does not constitute formal advice or commitment by the sender or the Commonwealth Bank of Australia (ABN 48 123 123 124) or its subsidiaries. We can be contacted through our web site: commbank.com.au. If you no longer wish to receive commercial electronic messages from us, please reply to this e-mail by typing Unsubscribe in the subject line. ***************************************************************