Tag: enterprise line hard drive shredders

How NOT to Destroy Hard Drives

March 2, 2021 at 8:00 am by Amanda Canale

Since the first days of chat message boards and social media profiles, we’ve all heard the saying, “don’t put all of your information online because it never truly goes away.” The same can be said for end-of-life data and information on rotational hard disk drives (HDDs): once information is on there, it’s sometimes near to impossible to fully remove. Aside from implementing a secure, in-house destruction plan, there are many other methods we do not recommend using. Let’s break some of those down.

Recycling and/or Throwing Away

While we support the green initiative in trying to recycle your end-of-life drives, unfortunately, this cannot be securely done. For starters, the majority of our waste and recycling ends up in landfills and dumpsters which are gold mines for hackers and thieves. On top of that, recycling and waste is not transported securely, making it easy for people to intercept and have access to your most sensitive information.

It is reported that, on average, recyclables and waste sit on sorting floors for up to four weeks before finally being destroyed. Anything can happen within that length of time! After this period, remnants of your information or data are not magically sorted; dozens of employees’ sort what the machines cannot and have direct access to your data. By opting for a seemingly eco-friendlier alternative, you will only put your data at more risk.

Deleting and/or Overwriting

One of the more common (and misleading) data destruction misconceptions is that erasing or overwriting the information of an end-of-life drive and degaussing are synonymous with one another. While methods such as cryptographic erasure and data erasure would allow the drive to be used again, it is not a secure and foolproof destruction. Information, whether encrypted or unencrypted, can still linger behind on the drive and be accessed, even if it has previously been deleted or overwritten.


Burning

Burning a hard drive, whether with a blow torch or roasting it on a stick, is highly discouraged. Not only would this require protective gear and holding platters at a safe distance with a heat resistant tool, but burning hard drives will also lead to harmful fumes to be released into the air in the process.

Unfortunately, just because a drive experiences physical damage, it does not mean that the information has taken the same hit. Take for instance the 2003 explosion of the Columbia space shuttle. As the spacecraft made its way into the atmosphere, a piece of the insulation foam had detached, causing it to become enflamed and combust. The horrific disaster resulted in the loss of everyone aboard as the shuttle disintegrated on its way back to Earth.

Just about six months later, a rotational hard drive that was aboard the Columbia was found in a riverbed. It was discovered that the drive had not only survived the initial explosion, but it also survived a 40-mile fall while on fire at terminal velocity and staying in a muddy riverbed for six months. The most interesting part? Even after surviving all of that, it was discovered that 99% of the data that resided on the drive was recovered. It’s safe to say that burning a hard drive is not only harmful to you and the environment but is a tactic that simply won’t work. We suggest sticking to roasting just marshmallows over future fires.

Photo of recovered Columbia space shuttle hard drive


ITAD

ITADs, or information technology asset disposition companies, are third-party vendors that sanitize and destroy end-of-life data and drives. While the appeal of these types of companies can be quite convincing, we at SEM do not recommend utilizing these types of companies when getting rid of your end-of-life data. While there are some reputable ITAD and data sanitization companies out there, the risk may not be worth the convenience. Security risks can be unpredictable and potentially catastrophic as it can be far too easy for ITAD vendors to misuse, mishandle, and misplace drives when in transportation, destruction, or disposal. It has also been reported that some vendors sell end-of-life devices and their sensitive information to online third parties.

During the summer of 2020, financial institution Morgan Stanley came under fire for an alleged data breach of their clients’ financial information after an ITAD vendor misplaced a number of drives that were storing personally identifiable information (PII). Instead, we suggest purchasing one of our NSA listed devices, keeping the chain of custody within the company, and conducting all destruction in-house.

data-theft
Other (Un)Worthy Methods

  • Submerging the HDD in acid
  • Using a drive as target practice
  • Running over HDDs with your car
  • Giving HDDs a bubble bath
  • Physical destruction with a blunt object
  • Attaching industrial-strength magnets

Regardless of the catalyst for end-of-life drive destruction, it is always best practice to conduct destruction and degaussing in-house. While degaussing is not possible for the destruction of end-of-life data on solid state drives (SSDs), SEM recommends always following NSA standards and degaussing all magnetic media, including hard disk drives (HDDs), prior to destruction. Solid state drives (SSDs) and optical media cannot be degaussed, so crushing and/or shredding is recommended.

By first degaussing then physically destroying HDDs, companies are choosing the most secure method of data destruction per NSA guidelines as this is the only way to be certain that the end-of-life data has been properly destroyed. When magnetic media is degaussed, our devices use powerful magnetic fields to sanitize the magnetic tapes and drive, wiping all sensitive information from the device. This act renders the drive completely inoperable, which should always be the end goal. Once the device has been degaussed, it should be physically destroyed. The combination of degaussing and physical destruction for HDDs is without a doubt the most secure method of ensuring your end-of-life data stays at the end of its life.

It is also important to remember that a data breach is a data breach, no matter the level of impact. While not all degaussing machines are adequate to demagnetize all rotational hard disk drives, at SEM we have an array of various high security NSA listed/CUI and unclassified magnetic media degaussers to meet any need and regulation.

Security Engineered Machinery Introduces Enterprise Line of Data Destruction Devices

June 26, 2018 at 3:05 pm by Heidi White

Secure data destruction device manufacturer becomes first to offer end-of-life solutions specifically for enterprise drives

 Security Engineered Machinery Co., Inc. (SEM), global leader in high security information end-of-life solutions, announced the introduction of a line of hard drive destroyers specifically engineered for enterprise drive destruction. The Enterprise Line, which includes rotational and solid state shredders and a disintegrator, is the first of its kind in the data destruction industry.

“We engineered the Enterprise Line to address the needs of our data center clients,” said Nicholas Cakounes, Executive Vice President of SEM. “The overwhelming client feedback we received expressed an imminent need for data destruction devices that could easily handle the larger, thicker, denser enterprise drives commonly found in data center environments.”

The Enterprise Line includes the compact, quiet Model 0315 hard drive shredder designed for office use, as well as the high-volume Model 0305 and Model 0304 shredders. The 0315 shreds up to 90 enterprise rotational hard disk drives (HDDs) and up to 120 enterprise solid state drives (SSDs) per hour at 1.5” final particle size, whereas the industrial grade 0305 and 0304 destroy up to 800 HDDs/1,200 SSDs and 1,400 HDDs/2,000 SSDs per hour, respectively. All three models are available in multiple configurations to accommodate a variety of user requirements: rotational hard disk drive (HDDs) only, solid state drive (SSD) only, and a combo version that destroys both HDDs and SSDs utilizing separate feed openings and cutting chambers. Final particle size for HDDs ranges from 1.5” to 0.75”, and final particle size for SSDs is 0.375”. All shredders in the new Enterprise Line are noted on the NSA/CSS Evaluated Products List (EPL) for HDD Destruction Devices as an approved solution for the “deformation of magnetic media hard drive platters” and are GDPR, NIST 800-88, SOX, FACTA, HIPAA, FISMA, NAID, and DoD compliant.

In addition to the three shredder models, SEM’s new Enterprise Line includes the Model 2SSD Disintegrator engineered to destroy SSDs to a nominal particle size of 2mm2. This newly redesigned machine employs an industrial grade, dual stage cutting system with specially enhanced cutting blades and sizing screens to provide maximum throughput in an office environment. Designed with a custom, steel-insulated sound enclosure for maximum sound control, the 2SSD also features an internal carbon-based pre-filter and HEPA air filtration system for operator safety as well as odor and dust control. Click for video.

“After pilot testing the devices with our existing Fortune 50 data center clients, we realized that the Enterprise Line provides the ideal solution to organizations looking to safeguard privacy and mitigate risk in the data center and beyond,” added Andrew Kelleher, President of SEM. “In addition to data centers, security-focused organizations such as the federal government, healthcare providers, and financial institutions are facing increased compliance requirements in parallel with more frequent use of enterprise drives into their data centers. The problem becomes what to do with the drives at end-of-life to maintain privacy and compliance — we are providing that solution.”

All devices in the Enterprise Line are specifically designed for enterprise drive destruction with increased torque, industrial grade construction, and more rugged cutting heads, enabling the system to cut through multiple steel plates, carriers, and other enterprise drive constructed components such as heat sinks and cooling tubes.