[unisog] Wiping hard drives before computer transfer
Curtis K. Shrote
shrote at arlut.utexas.edu
Mon Feb 10 14:07:33 GMT 2003
In summary, I believe the answer to your Q is that there is no universal
SOP aside from deciding what your organization will do:
1) Wipe the drive*
2) Physical distruction (sledge-O-matic)
3) do nothing
I hate to bring up the "L" word but perhaps you should consult a lawyer
within your organization that hopefully has some technical background.
Obviously, there is a business/economic angle to this as well. Will the
surplusing result in a sale to the public or reuse within another part
of the organization? Does the organization really need the revenue from
the equipment sale/trade-in? Does the IT organization(s) have an
efficient mechanism to deal with (sanitizing) the surplus? What are the
regulatory exposures (HIPPA et. al.)? yada, yada, yada ...
*Do I dare bring up the question of sectors that have been marked as bad
and the residual data that they might contain? Note also that data
hiding has been proposed using sectors that have been marked bad but are
not really bad at all. This subject came up in a forensics discussion
involving attacker tool kits. Obviously this would normally not involve
a huge % of the drive.
dknapp at calpoly.edu wrote:
> I think I'm entering this in the middle of the thread - but what then is a
> currently accepted method of wiping every sector on a hard drive such that it
> would take a military/intelligence agency to recover it? If I had drives that
> were surplused and had legal or student info on it - what is the SOP for
> removing such data?
> dknapp at calpoly.edu
More information about the unisog