Straightforward query – what number of drives does this server have?
When you counted six, you’d be improper.
Think about this situation in the event you’ve been requested to decommission a server and you should account for the drives within the machine as a part of your inner course of for dealing with information bearing gadgets or media. You’ve eliminated the drives from the entrance of the server, so that you’re all set, proper? You report again into your system of document that these drives have been eliminated and also you ship the system to your reseller or supplier – then the reporting despatched again to you exhibits that there was media nonetheless within the server, and even worse you discover out from whomever bought the unit that they discovered your information on the system. What provides?
Seeing Is not All the time Believing
Whereas it’s straightforward to account for storage media and gadgets which are readily obvious and observable, the reality is that many gadgets include information that you just simply can’t affirm the presence of with out figuring out it’s there. This may be particularly difficult when a server or storage system is within a rack that’s totally cabled up and within the presence of different manufacturing servers, so you may’t pull it out to search for your self previous to disposition. With the arrival of smaller type issue drives corresponding to M.2, EDSFF, mSATA and different flash media corresponding to SD/MicroSD/CompactFlash and so forth., it’s changing into more and more extra frequent to search out these smaller drives within gadgets as nicely, both connected to the motherboard, on a PCI-E enlargement card, out of band administration system, and so forth. Configurations and different information will also be contained in non-removable inner storage areas corresponding to NVRAM. It’s now not as straightforward as trying on the entrance of a machine to find out the storage gadgets held therein.
A Sage Buyer Perspective
A Sage buyer skilled this situation lately – the drives from the entrance slots have been eliminated by the shopper; nevertheless upon receipt at our processing heart our technicians discovered a hidden drive within the unit and we inventoried and secured the drive by our NIST compliant erasure processes. Regardless of the shopper’s greatest efforts, their crew didn’t fully safe the server earlier than it was faraway from the placement as per their Info Safety crew’s necessities, and doing so would have required disassembling the server and figuring out the place to look. Sage offered the shopper with photographic proof of the drive and offered a Licensed Knowledge Erasure Report confirming the erasure was carried out and profitable. This whole occasion made for an eye-opening expertise for our shopper and one which additional demonstrates the worth of a mature ITAD supplier, expert in applied sciences supported by the group.
Is Your ITAD Supplier Addressing These Situations?
When deciding on an ITAD service supplier, make sure that to search for one which has the processes and procedural rigor to function in eventualities just like the one talked about above, which embody figuring out and sanitizing the information on these gadgets. A mature supplier will probably be one which is aware of about these “gotchas” and maintains a database of merchandise together with the product class, make, and mannequin that acknowledges when a tool is information bearing, even when it isn’t instantly apparent (not all information sanitization is as cut-and-dry as erasing a tough drive!). Your supplier must also carry out further validation by opening models to confirm that there isn’t inner media inside a tool that could be current however disconnected from a system board, which might be invisible to regular systematic processing of a tool. We hope this steering can assist you to shut gaps that is perhaps current that will unknowingly open you to information leakage/breach dangers. 
