Destroy my drives!
February 3, 2006 10:48 AM   Subscribe

What do you or your company do regarding physical destruction of hard drives?

I work for an IT department and our information security office has recently cracked down on what we do with drives that we replace. At this point I've got a large amount of hard drives that possibly contain confidential business and customer data. We're not allowed to just toss them for obvious reasons, a good amount of them are physically bad and thus something like kill disk will not work. The security folks suggested drilling holes in the platters or cutting the platters into multiple pieces. Both of which seem crazy intensive. What do you do? I've googled and find lots of folks that will destroy them for me, but that's kind of the point, we can't let others do it. We need to do it ourselves or watch it done on-site.
posted by TuxHeDoh to Computers & Internet (36 answers total)
You *can* get someone to do it, as long as they sign up to accept the risk. Your CSO or legal might rule this out, but it is an option until they do. My legal department found the risk of a third party acceptable. Personally, I'm (as the information security resource) not very fond of outsourcing it, but it's no longer my fight.

An industrial degausser is your next step up (don't use around your credit cards!).

If your legal/itsecurity won't even cotton to this, then, yes, you are getting out the drills.

Has someone put a value on the information that's potentially being disclosed, compared to the staff costs to perform these operations?
posted by sohcahtoa at 10:59 AM on February 3, 2006

Unless you're talking state secrets, a 10 pound sledge and someplace to swing it is probably fine.
posted by teece at 11:01 AM on February 3, 2006

Do you have or can you get interns? We have interns for this kinda thing.
posted by duckstab at 11:02 AM on February 3, 2006

did a quick google seach on "physical destruction of hard drives" and found this, The Garner PD-8400 which is bad ass its not funny. but hopefully it would do what you want it to do.
posted by ShawnString at 11:03 AM on February 3, 2006

which is SO bad ass its not funny
posted by ShawnString at 11:03 AM on February 3, 2006

OK, the PD-8400 is really cool. But price is not listed -- that means it's expensive. At least in the hundreds, maybe thousands.

Again, 10 pound sledge. Under $20 US.

It will do the job. The only way you would need to be more paranoid is if you are talking nuclear secrets or something, as the sledge could very easily mangle the hell out of the platters without even making you crack open the case.

It's cheaper than a drill, too, but the drill is a little more refined.

The other thing to do, before you swap out a bad drive, is to write to any sectors that it will let you with something like shred, but I bet a lot of the time that will be completely ineffective, as you get called to replace completely dead drives.
posted by teece at 11:12 AM on February 3, 2006

We drill holes in ours
posted by soplerfo at 11:18 AM on February 3, 2006

We cut sensitive drives into four pieces with an abrasive cut chop saw. Less than 30 seconds per and a $5 disk will do several hundred drives.

Use outside unless you want everything in the room you use it in covered with black grit that is very abrasive.
posted by Mitheral at 11:20 AM on February 3, 2006

Chop saw. We have to do something similar with aluminum/fireberglass composites. Diamond-grit chopsaw.
posted by bonehead at 11:28 AM on February 3, 2006

Um, I smash open the case, pass a magnet over the disc, then break the disc into tiny fragments.
posted by djgh at 11:32 AM on February 3, 2006

Skip the magnet, djgh, 'cause it isn't doing anything. Remember: There are big ol' magnets inside the hard drive. That's how the heads move. Unless you're carrying around a miniature MRI machine in your pocket, the magnet is just wasting time.

Tux: I second the sledge hammer. The saw is probably more practical, but slamming the drive around with a sledge is just plain fun.
posted by Justinian at 11:52 AM on February 3, 2006

four pieces

Any reason for that? Surely one cut through the middle of the platters is enough, there shouldn't be any need for making djgh's tiny fragments... I mean, decoding the data from a non-spining platter would take a herculean effort. So, as soon as you mess up the balance you are pretty much finished, I would think.

Hmm... You could slap the unbalanced platter into a jig, like some old turntable. Improvise a read head and start dumping data at 33rpm... It would take days, or maybe years, but you might eventually read something interesting I guess...
posted by Chuckles at 11:54 AM on February 3, 2006

BTW, if you have a little time and a torx driver, the head actuator magnets in modern hard drives are wicked strong and worth extracting (if you like strong magnets).
posted by Good Brain at 12:03 PM on February 3, 2006

Why not have a company gun day?

Take whoever is interested out to a local range, set the drives out there, and have at 'em.

My 7mm Mauser would put a hole right through the casing, platters, and whatever's behind the drive, too. And the force of the bullet going through would probably shatter the platters while we're on it, so there you go.
posted by SlyBevel at 12:08 PM on February 3, 2006

When I had to cope with this, I would just pound my rusty railroad spike (nabbed from when the old streetcar line on San Francisco's First Street was being excavated) though the drive using a mallet.

It would be labor intensive to do this for many drives, however. I'd chuck them off the roof one by one.
posted by majick at 12:19 PM on February 3, 2006

Chuckles writes "Any reason for that?"

We like using the saw. Your probably right though, doing twice as much work by cutting the disk into quarters isn't doubling our security if it is even having any effect at all.
posted by Mitheral at 1:12 PM on February 3, 2006

If there are so many people who need hard drives destroyed, maybe me and some cheap 8mm surplus ought to go into business. Fun, fun business.
posted by Seamus at 1:37 PM on February 3, 2006

Anything that will mangle the platters very badly. The sledge sounds like the best idea. Make it a company/department mascot or something.
posted by cellphone at 1:51 PM on February 3, 2006

This'll do it.

All this talk of physical attacks on the media will leave information recoverable, in principle. Even if it destroys 99.99% of the info, on just a 20G drive, that leaves 2M potentially recoverable, and, in the case of a password, even 6 sequential readable bytes could be bad news.

You need to absolutely destroy the media's magnetization by heating it above its Curie point, or absolutely destroy the media, for instance, by soaking the platters in hydrochloric acid until the magnetic media is physically stripped from the platters.

Absolute Data Deletion

Yes, odds are no one would go to the massive effort required to try to recover data from a mangled or partial platter and take advantage of it. But you don't have to leave any odds of that possibility.
posted by Zed_Lopez at 1:59 PM on February 3, 2006

Hmmm, Seamus, now you've got me thinking. I'm in Utah, and there are an awful lot of gun nuts out here.

posted by SlyBevel at 2:00 PM on February 3, 2006

We used an oxyacetylene torch to turn ours into a pile of flaming goo.

Be warned though, it makes more smoke than you'd think.
posted by jackofsaxons at 2:00 PM on February 3, 2006

Ya Seamus, you could go walking around downtown streets with a 10lb sledge over your shoulder singing 'Steele driving man' and '16 tons'. Do the rounds with receptionists at every office to see if any disposal is needed today, and bring the CEO down to watch, to insure that you don't pull any dirty tricks.
posted by Chuckles at 2:01 PM on February 3, 2006

Um, wouldn't it be more efficient to use one of the many magnetic blanking programs to write random data over the whole drive several times? I know there's some residual data after one right, but I could have sworn I've seen statistics that nothing is recoverable after three (or so) runs.

Then you have a nice resaleable or reusable drive.
posted by mikeh at 2:24 PM on February 3, 2006

I collect them, take them to the desert, and a group of us blow the shit out of them with various firearms.

It's a lot of fun and it gets rid of the data too.

Just ship the drives to me. I'll take care of them. Seriously! :-D
posted by drstein at 2:27 PM on February 3, 2006

We use a program called eraser on working disks. Or Darik's Boot & Nuke. Broken hard drives get opened, and the platters go to a company that shreds them. They'd take the hard drives, but we like the magnets. Be careful - those magnets will ruin the finish on the fridge if you're not careful.

Google hard drive disposal service for disposal services. I have gotten a pre-owned pc with payroll data; this task is worth paying attention to.
posted by theora55 at 2:49 PM on February 3, 2006

mikeh writes "wouldn't it be more efficient to use one of the many magnetic blanking programs to write random data over the whole drive several times? I know there's some residual data after one right, but I could have sworn I've seen statistics that nothing is recoverable after three (or so) runs."

Often you have to get rid of a drive that is no longer working. Requirements of legislation like HIPAA may mean that even if you can get the drive to work you have to destroy the platter so that it can not be spun up in another drive or using special tools. Yes it's wild over kill in most cases but if it was my patient records that leaked out because of a salvaged bad drive that wasn't I'd be pretty pissed.
posted by Mitheral at 3:05 PM on February 3, 2006

All this talk of physical attacks on the media will leave information recoverable, in principle. Even if it destroys 99.99% of the info, on just a 20G drive, that leaves 2M potentially recoverable, and, in the case of a password, even 6 sequential readable bytes could be bad news.

Zed, for the majority of corporate uses, this is vast overkill. That's why I said unless it's state secrets or something on the drive, the 10 lb. sledge will work.

The chances of your network getting hacked (or an employee taking data home) is orders of magnitude higher than someone trying to recover data from a portion of a destroyed platter (especially if you dispose of the hard drive well, in addition to destroying them).

Unless you're protecting billion dollar trade secrets in a field with active corporate espionage, or working with national security, anything that makes the drive unreadable by ordinary means is more than adequate.

Paying top dollar to melt a drive is just a waste of money if you are not in that situation. It's important to be pragmatic.
posted by teece at 5:54 PM on February 3, 2006

arc welder.
posted by polyglot at 8:17 PM on February 3, 2006

I've seen drives destroyed in a number of ways, first was to destroy the logic board, this would stop 90% of attempts by Joe-average but wouldn't stop data recovery experts or above average computer people.

As for the discs themselves, i've seen all sorts from software that rewrites random 1s and 0s across the drive, lump hammers, nail guns, and electromagnetic guns.
posted by Nik_Doof at 11:30 AM on February 4, 2006

for the majority of corporate uses, this is vast overkill.

If I were responsible for data disposal, and I were called on the carpet regarding whether a drive had been disposed of securely, I'd feel much better saying "Yes, absolutely" than "It's really, really tremendously unlikely anyone could have recovered anything useful from what was left, and it would have been a really, really difficult and costly task to even try."

Do you have any evidence to back up the efficacy of a sledgehammer, i.e. the results of efforts to recover data from a smashed drive? I have reasonable faith in the platter-shredding solutions, but not much in a solution that might only put some bends into one.
posted by Zed_Lopez at 12:27 PM on February 4, 2006

Zed_Lopez, it can never be better than the second version. You might feel confident enough to say the first, but you would be wrong.
posted by Chuckles at 2:12 PM on February 4, 2006

Try reading the document I linked to and looking up what the Curie Point is and what heating a magnetic material beyond it means.
posted by Zed_Lopez at 3:42 PM on February 4, 2006

Zed, I'd have absolutely no problem telling my boss that I saved him hundreds or thousands of dollars per year, by keeping the company's banal spreadsheets and emails in the "astronomically unlikely to recover" vs. the "impossible to recover as far as we know category."

No problem at all. Pragmatics.

If you're in an industry where complete destruction is required, you don't need to be answering this question. You'll have very specific procedures you are required to follow (which means you probably work for the DOD or NSA or in the R&D dept. of some Fortune 5 company). If you don't have such procedures, even the sledge is overkill, in all likelihood.
posted by teece at 5:05 PM on February 4, 2006

Damn, I thought of more. Think about the people that would be able to recover data from a portion of a destoryed hard drive, like a fragment of a platter.

Those people must have a) access to your garbage. b) the highest level of technical expertise. c) some very expensive and specialized equipment. d) some reason to go to the extraordinary length of trying to get data (of unknown provenance) from a shattered drive. e) the wherewithal, in terms of manpower, to weed through the wheat and chaff (they have no way of knowing which fragment of many platter fragments might contain anything of value).

If there are people out there that meet all of those criteria that want your data, you work in a top secret lab somewhere, and you don't need to ask this question.

Ergo, if you're in the average corporate shop wondering how to dispose of the odd bad drive, the sledgehammer or drill is more than adequate. Going to the step of burning the platters is serious overkill.
posted by teece at 5:13 PM on February 4, 2006

How expensive are y'all imagining an acid bath to be? You can get sulfuric acid for $20/liter.

If you're really set on not losing an excuse to play with power tools, thoroughly strip the surface of the platter with a belt sander -- anything that leaves the magnetic media a disordered pile of rust is great.
posted by Zed_Lopez at 7:34 AM on February 5, 2006

teece writes "Going to the step of burning the platters is serious overkill"

Ya but it is fun :)

Seriously though, the advantage of any gross physical method, including your sledgehammer[1], is that it is easily auditable. You can tell at a glance whether a disk to be disposed of has been punched, sawed in half, drilled, melted and or drowned in acid. You can't tell at a glance that it has a bad logic module or has been overwritten with zeros. No one can sneak a HD out of a secure facility by sticking a DEFECTIVE sticker on a good drive. For organisations that are concerned about data privacy and dumpster diving at recycling facilities overkill physical methods are the way to go. The people in IS and hazard waste management can verify that every disk they send out for proper disposal isn't going to later be fired up by a reporter who'll post naked pictures of the CEO's wife on the internet.

I use the saw method because it gives me an excuse to make a field trip to the shops every couple of months or so. Plus I get to make a bunch of sparks, something that is generally contra-indicated in tech support. And the neo-luddites in the shops get to stick it to a computer. I hope my boss never figures out the same practical result could be accomplished with the drill on my desk.

[1] Personally I wouldn't advocate the sledge hammer for most people. The risk of injury is fairly high from either flying fragments or stray impacts from the hammer. Plus you need some sort of impact resistant base to hold the drive, hitting it while directly on a concrete floor is bad. A 24oz ball pein and a half inch punch is the same price and just as effective if your going for something boringly mechanical.
posted by Mitheral at 9:40 AM on February 5, 2006

« Older Sproutin' Daffodils   |   No, I'm not cold. Why do you ask? Newer »
This thread is closed to new comments.