Editorials

Server Data Retirement

by Ben Taylor

Free Webcast Tomorrow (2/22/2012) –
Learn about data mining with PowerPivot – it’s open and free for all to attend.
Register Here

SQL Server 2012 Launch Conference and Expo – March 26-29 in Las Vegas
Learn from our dynamic mix of industry-recognized speakers with real-world experience backing their sessions. Knowledge is the key to success, understanding, troubleshooting and operations; an educated DBA is extremely valuable.
Register here!

$$SWYNK$$

Server Data Retirement
A side topic of data sanitization when retiring data storage hardware was brought up as we were looking at disk encryption.

Most hardware doesn’t last forever. There comes a point where maintaining old hardware is either too costly, too risky or simply too slow. At that point you need to get rid of the hardware. If you have tons of money to throw around you can simply unplug it and leave it alone. Most of us generally replace the hardware and dispose of the original equipment in some fashion.

If drives are included in the hardware being retired, you must wipe the drives if you wish to assure the contents are not passed on to anyone who gains access. This doesn’t mean a simple format. It literally means writing each possible byte on the entire disk. Often this is done by writing 0 to each byte. This process is both very time consuming and necessary.

Mark Writes:

It is definitely good advice to implement disk encryption and to make sure the disks from retired systems are properly sanitized. Readers should also be aware that state and federal laws are placing more stringent requirements on the control of sensitive personal information.

So, in some cases, it’s not just a best practice, it’s the law.

In addition to the software-based encryption you discussed, Self-Encrypting Drives (SEDs) are also an option. Most computer vendors are offering these drives as options on new systems and they can also be purchased aftermarket. Instead of the encryption being run by a program loaded on the computer, it is run by hardware included with the drive.

This reduces the performance overhead you might see associated with software-based encryption.

Places where sensitive data may reside but are very often overlooked are copy machines and printers. Most of these machines now have built-in drives that may store information that is copied or printed. When retiring these devices, the drives should be sanitized. For copiers that are on lease, this may require an agreement upfront to either retain the drive or get a certificate of destruction from the vendor.

If you’d like to share your experiences or comments send an email to btaylor@sswug.org.

Cheers,

Ben

Featured White Paper(s)
Optimize SharePoint Storage with BLOB Externalization
Written by AvePoint

This document is intended to provide a comprehensive an… (read more)

Featured Script
dba3_SelectAssimilatingDataForEachDayInDateSpan_Demo
Re: Select Query assimilating data for each day in a date span – (minor modifications required for earlier Sql Server versi… (read more)

Tags:
Author: Ben TaylorBen is a Relational Database veteran starting in the early eighties on DEC Vax database systems such as Bloom and Harvest. He has specialized in SQL engines for more than two decades, with a primary focus on Microsoft SQL Server. Ben has worked with small and large databases for both OLAP and OLTP working on systems for many industries such as Medical (Medical Claims and Eligibility Warehouse, HMO Provider Management, Enrollment), Financial (credit card processing, mortgage, stock portfolio management), Manufacturing (Assembly Line and Product Assemblies), Sales, Auto Auctions and more.