Datasheet

Book IX, Chapter 1: Fundamentals of Security
Do Not Forget about Data Protection
Hard drive destruction
Destroying data that resides on a computer hard disk typically involves
shredding the computer hard drive with a huge shredding machine, or
destroying the drive another way, such as sanding the platters down to
nothing.
I have talked to some customers who used to destroy drives by driving
spikes through them, but what they found was that the data around the
hole that the spike put in the drive could still be read! These customers now
disintegrate the drive in a huge shredder. Other customers sand the drives
right down to nothing. Either way, if securing the data is a concern, make
sure to physically destroy the disk that contains the data.
Data wiping
Instead of destroying the drives with a traditional shredder, some companies
use a shredder application, which writes a bunch of 1s to the drive,
thereby overwriting the previous data. These applications typically overwrite
the drive a number of times because hackers can retrieve the data
from disk even after it has been overwritten a few times. When purchasing
shredding software, be sure to investigate how many overwrite operations
the software performs. I recommend using software that overwrites at least
seven times.
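
As an added example (not from the book), the multi-pass overwrite described above is shown here in Python for a single file rather than a whole drive; the function names, the 0xFF fill byte standing for "1s", and the temporary sample file are assumptions. In-place overwriting only reaches the old data when the storage writes back to the same physical location, which SSD wear leveling and copy-on-write file systems do not guarantee.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # write in 1 MiB pieces so large targets do not need much RAM


def overwrite(path, passes=7, fill=b"\xff"):
    """Overwrite every byte of `path` in place `passes` times; return bytes per pass."""
    size = os.path.getsize(path)
    block = fill * CHUNK
    with open(path, "r+b", buffering=0) as f:  # r+b keeps the file's existing blocks
        for _ in range(passes):
            f.seek(0)
            remaining = size
            while remaining:
                remaining -= f.write(block[:min(CHUNK, remaining)])
            os.fsync(f.fileno())  # push this pass to the device before the next one
    return size


def verify(path, fill=b"\xff"):
    """Return True only if every byte of the file now equals the fill value."""
    with open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            if chunk.count(fill) != len(chunk):
                return False
    return True


def demo():
    # Constructed sample data standing in for sensitive content.
    secret = b"ACCT 0000-CONSTRUCTED-SAMPLE\n" * 1000
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(secret)
        before = verify(path)                 # original data is still present
        written = overwrite(path, passes=7)   # seven passes, as recommended above
        after = verify(path)                  # read back and check the final pass
        with open(path, "rb") as f:
            leftover = secret[:4] in f.read()
        return before, written == len(secret), after, leftover
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())
```
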
Hard drive recycling
What do you do with your hard drive when you get an upgrade or replacement
drive? Well, you could pass the hard drive on to someone else who
needs the drive, or you could have the drive recycled. After all, a number of
useful parts are on the drive, such as the hard drive platters and the magnets.
However, be aware of the risk of passing your drive over to someone!
Companies concerned with corporate security and data privacy will likely
opt to destroy the drive instead of recycling because of the risk of having
private data lifted off the drive.
Backing up data
A big part of securing the data environment is not only setting the permissions
but also ensuring that you create a good backup and restore strategy.
Identify which files are critical to the operation of the business and should
be backed up. You also want to be familiar with all types of information
used by your company. For example, you might depend on e-mail, so make
sure that you back up your e-mail server along with any files in shared folders.
If your company stores important data in databases, make sure that you
back up those databases as well.