The issue of shredding storage devices that could be reused is indeed a concern, as highlighted by Jonmichael Hands from the Circular Drive Initiative (CDI) and Chia Network. While some storage devices are retired by large data centres when their warranty expires, the CDI estimates that around 90% of hard drives are destroyed upon removal. This practice occurs due to the risk management policies of cloud service providers, who aim for a zero-risk approach when it comes to data security.
However, the irony lies in the fact that shredding devices is not foolproof. The latest drives have a high data density, making it possible for sophisticated data recovery techniques to extract information even from small fragments of the drive. Therefore, alternative methods for securely reusing storage devices should be considered.
The IEEE Standards Association has developed a standard for sanitising storage devices, providing guidelines for three different methods: “clear,” “purging,” and destruction. The “clear” method involves deleting all data but leaves the possibility of recovery using specialist tools. It may be suitable for internal reuse within a company. On the other hand, destruction through melting or incineration ensures data can never be recovered but also renders the drive unusable.
The purging method offers a secure option for reusing drives. Purging can be achieved by overwriting the drive with new data patterns that make the original data unfeasible to recover using current tools and techniques. Another approach is cryptographic erase, which involves deleting the encryption key, rendering the data scrambled and unreadable. Drives with built-in encryption can utilise this method, making them safe to resell.
Considering the environmental and economic benefits of reusing storage devices, it is essential to promote secure methods like purging that maintain data privacy while allowing for their continued utilisation.