On Tue, 19 May 2015 07:25:41 -0500, Todd Arnold <[email protected]> wrote:
>Phil Smith wrote: > > ... and when decommissioning hardware-no more "How many DSEs should >we > do? or "Should we take the drives out back, shoot ‘em with a >12-gauge, > and then drop ‘em in the ocean?". > >Actually, there is a much more interesting corollary to this scenario. If you >have a drive that fails and has to be replaced, that drive still contains your >data, but you are unable to talk to it any more - so you have no way to do >overwrites to erase the data. If the data was encrypted on the drive, you >have no problem - but otherwise, if the vendor requires you to return the >failed drive, you have a problem because you're giving someone a copy of >whatever data was on that drive when it failed. (If you don't have to return >the drive, of course, you can physically destroy it - but that is a pain in >the neck to do.) > In the past we have purchased 'Drive Retention Insurance' where we get to keep failed drives for shredding. But the latest subsystem we implemented contains 1.6TB Flash Module Drives, I would suspect retention insurance would be very pricey for something like that, so that makes full drive encryption almost mandatory. Dana ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
