cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Why organisations destroy storage media they could reuse

Hi All

 

A very interesting piece, on why organisations destroy storage media, whereas they could reuse it?

 

Some of us, who been in the game, realise there are means and ways of restoring data, even after wiping, and pattern writes etc, to many levels down.

 

https://www.ft.com/content/31185370-87f3-4ecb-b64d-341bbc4e5c22?shareType=nongift

 

"The UK’s Department for Education, Department for Work and Pensions, Police Scotland and Police Service Northern Ireland told the FT that they shred all decommissioned data-storing devices. Northern Ireland’s force says it has shredded 30,000 pieces of equipment including servers and hard drives over the past two years."

 

Regards

 

Caute_Cautim

2 Replies
Steve-Wilme
Advocate II

It could be that compliance frameworks require physical destruction of media and that they may not be able to get alternative approaches past their accreditor.  It used to be that IAS No.5 was mandated.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
grut
Viewer

Hi,

 

Simpel explanation :

 

  1. simple fail safe proces. {We destroy / schred all media and confidential media is pre wiped. if wipe fails then the shredder will destroy everything  😁 }
  2. Price / time of labor for wipe, test and reuse storage media. <- Not fail safe !
  3. focus on confidentiality   eg Bell–LaPadula security model "write up, read down" (WURD)
  4. Price of metals 

 2 is costly, 3 gives organisational headache & not fail safe.

1 is the winner and 4 is at the moment nice. ( schredd and sell is cheaper than trade-in / re-use)