[Hidden-tech] Re: Recycling dead computers?

Chris Hoogendyk hoogendyk at bio.umass.edu
Mon Jun 2 11:43:11 EDT 2008

Previous message: [Hidden-tech] Re: Recycling dead computers?
Next message: [Hidden-tech] FW: Tech oriented teaching Jobs at Athol-Royalston after school project
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jan Werner wrote:
> Don't know about Macs, but for PCs there are many programs that can be 
> booted from a CD that will allow you to wipe a hard drive to DOD and 
> other security standards. Among programs I use, both Acronis True 
> Image and Paragon Hard Disk Manager do this, and I'm sure there are 
> plenty of others for both Windows and Linux.
>
> So unless one is caching a copy of Osama Bin Laden's memoirs on their 
> hard drive and thinks the NSA may be on to them, I don't understand 
> why anyone would want to physically destroy a hard disk rather than 
> just wipe it securely and donate the whole computer to a good cause.
>
> Being a good guy and installing a clean copy of either Windows or 
> Linux on a wiped drive will just make it even harder for anyone to try 
> to recover anything from it, if such were even possible to begin with. 

I am all in favor of wiping and donating.

In larger organizations it may not be practical to go through the labor 
and care required to properly assure that data has been wiped, and the 
security risks may be more substantial as well. I have been the 
recipient of several hand-me-down Sun servers from larger departments at 
UMass. They have all come to me without any hard drives. They have a 
policy of destroying the drives and then sending them to the UMass 
recycling center. In a way, this is good for me. The drives are the 
component that has experienced the most wear and are most likely to 
fail. By requiring me to buy new drives, I end up with hand-me-down 
servers that are likely to last longer without problems. I also end up 
with larger drives, since capacity has gone up exponentially (and price 
has gone down). I still end up with a total cost much less than 10% that 
of getting new servers.

There has also been a campus policy of late that people are no longer 
allowed to scavenge computer equipment from the recycling center. This 
is a security policy based on the possibility that equipment might come 
through improperly sanitized, and someone might stumble on some sort of 
sensitive data. So security becomes a multi-stage process. The 
department is responsible for securing its data and not letting it get 
out, but the back door of the recycling center is being shut as well.

I think each person/organization has to assess their own risks for data 
exposure and balance that against the costs, liabilities, and their own 
level of paranoia. For public institutions and organizations like 
hospitals and insurance companies, there are both federal and state laws 
regarding data exposure. Some organizations will blanch at that 
potential liability and set categorical policies that have no leeway. 
Smaller organizations and home businesses have more flexibility, but 
should still be sure to assess the risks and liabilities for their own 
environment.

---------------

Chris Hoogendyk

-
   O__  ---- Systems Administrator
  c/ /'_ --- Biology & Geology Departments
 (*) \(*) -- 140 Morrill Science Center
~~~~~~~~~~ - University of Massachusetts, Amherst 

<hoogendyk at bio.umass.edu>

--------------- 

Erdös 4

Previous message: [Hidden-tech] Re: Recycling dead computers?
Next message: [Hidden-tech] FW: Tech oriented teaching Jobs at Athol-Royalston after school project
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Hidden-discuss mailing list