Data protection with Seagate Instant Secure Erase
Information assurance has been a hot topic in the tech industry as high-profile data breaches reveal that many companies aren't as secure as leaders may have thought. The cost of a breach can have significant financial consequences, as Symantec's 2011 U.S. Cost of a Data Breach Study revealed. In interviewing 400 IT and compliance professionals, researchers found that the average organizational cost per data breach was US$5.5 million even after they had eliminated catastrophic incidents—those that involved more than 100,000 records—from the results. In addition, the average cost per record compromised was US$194.
Symantec's analysts focused on data security incidents noted that malicious attacks, system glitches and device theft resulted in a majority of the breaches they analyzed. However, it is easy to imagine additional risk for data center operators, particularly as information volumes increase. For example, Seagate estimates 50,000 hard drives leave data centers on a daily basis. These disks may contain anything from corporate intellectual property to private employee and customer data. Traditional device wipe methods are not only time consuming, but they may also be ineffective at completely protecting sensitive information, particularly since one stripe with remaining data could include hundreds of Social Security numbers, names and addresses.
The risk will only grow as capacities increase, as any single mistake can leave numerous sensitive records vulnerable. Once the hardware leaves the data center, it leaves the control of the operator, and failing to erase just a few stripes’ worth of stored data could mean as many as 1000 compromised records. Going by Symantec's numbers, that would translate costs close to US$200,000 just from a single, comparatively small incident.
Retired hardware expenses
There are a few notable problems with many common drive retirement practices. Although not all of them are related to information security, many still result in excess cost. For example, companies that decide to repurpose their hardware may choose to overwrite the data rather than erase it completely. The process itself is expensive, but will also open the potential for data security vulnerabilities. Reallocated sectors are not covered in the overwrite process, meaning that some old information will remain on the drive.
Degaussing and physically shredding the drive are other options. Degaussing can yield mixed results, particularly when considering different drives require unique optimal degauss strengths. This often results in readable data being left on the drive. There is also the option to hire professional disposal services to destroy the drive, but this creates more points of vulnerability since there are more people handling the data. Total costs could increase dramatically when considering the need to publish internal reports and any auditing fees.
Improving drive retirement efficiency
Seagate Instant Secure Erase (ISE) is designed to make it easy for managers to protect sensitive data. In addition to encrypting information automatically so that it is also protected while the hardware is still in use, ISE allows the owner to simply send a command to the drive to change the encryption key so that even if information is recoverable, it would be unusable to an outside entity. This eliminates the need to go through the expensive overwriting process and maintains the integrity of the drive for warranty or lease returns.
The Seagate ISE process can be initiated in several different ways. Seagate SeaTools™ for Windows is available for free and can also diagnose internal and external storage devices. However, ISE also supports third-party solutions such as Trusted Computing Group (TCG) compliant RAID controllers from LSI and Intel and integration with software developed in-house using an SDK from Seagate.