Security---Badge-Server-1The world’s data is growing at a remarkable pace, faster than we once could have ever imagined. Three years ago, 5 exabytes of data were produced in two days; today, we produce 5 exabytes every 10 minutes. To put this into perspective, 1 exabyte is equal to 1 billion gigabytes; 5 exabytes is equal to all the words ever spoken by human beings. IDC projects that by 2020, 31 billion devices and 4 billion people will be connected to the Internet, pushing the exponential data curve to its limits.

While more than 70% of this data is created by individuals, it is business enterprises that have responsibility for most of its storage, protection and management. Not all digital data is sensitive, but at least 40% of it is—from corporate financial data and medical records to personally identifiable information such as user account data. Globally, less than half of this sensitive information is properly protected.

In the current environment, with daily media reports of giant data breaches, the importance of data security is obvious. According to Ponemon Institute, the average cost of a data breach is $3.5 million. So no responsible player would cut corners in this area. But, it’s easy for enterprises to get panicked into spending more for security, even if it’s not very cost effective or efficient. And conversely, to get forced into poor security because of cost or productivity constraints.

Let me provide a few common situations for example. Unable to effectively sanitize data onsite, a company will use secure transport, sometimes with armed escort and lockboxes, to ship assets to a third-party facility for erasure. Does this pose a security threat? Maybe not, but the company is still transporting assets containing sensitive data—and at quite a premium.

So, instead a company attempts to wipe hard drives onsite, thus reducing transport cost and security risk. Only one problem: even the so-called industry leading sanitization tools can take days, and sometimes even weeks, to erase the server configurations in today’s data centers. Even worse, these tools may not even support large-capacity or solid state drives (SSDs), and even if they do, will typically fail to erase 40-50% of the time. Forcing these drives to be destroyed—along with their residual value.

Now, imagine where you have tens of thousands, hundreds of thousands or even millions of these drives—which most hyperscale data center infrastructures do. Then consider that 2-3% of those drives may fail in production on any given day and require immediate attention.

This is life in the big data center. How you handle these situations can and will have a dramatic impact on your security as well as the “Total Return” from your disposition project. Total Return is a methodology for measuring results by overall performance, not just price. It involves calculating the actual value gained (or lost) from a combination of operational efficiency, security, environmental factors and, yes, the bottom line.

Total Return from a data security perspective balances the level of security you receive with the total investment you make to achieve it. There are several critical factors to take into consideration:

  • Reliability. Simply put, the tool you use to sanitize drives must be able to operate in the modern data center environment—oft populated with high-capacity storage and solid state drives. The solution must run effectively on any manufacture, size or type of drive, independent of the operating system, and as reliably on decommissioned drives as those flagged at risk by your health monitoring asset management systems.
  • Speed and scalability. The tool must run fast and process any number of drives in parallel rather than in sequential order. As this case study shows, our platform took a cluster wipe from 10 days down to two, reducing internal IT labor by 80%.
  • Yield. This important factor is rarely discussed, and almost never in the context of security. But it should be, for two reasons: 1) if erasure fails, the drive is typically destroyed, but unless you have video documentation there is risk data-bearing drives could slip out the back door and into the hands of profiteers, and 2) you cannot otherwise reuse or remarket those drives for residual value. If you’re only getting 50-60% yield and have millions of drives, well you can do the math. We discuss yield in greater depth in Part 2 of this blog series.
  • Process. Are you sanitizing at the time of decommission? Erasing in-cabinet or removing the drives? If your erasure solution is too slow or incompatible, are you forced into secure transport, shredding/degaussing or storage? How much of your sanitization process is automated, or otherwise at risk to undetected failure or human error?

Our proprietary platform, Teraware, drives Total Return by allowing you to sanitize storage devices in your own environment and by consistently generating a 90+% wipe yield, which means you can resell a lot more drives and destroy far less. Teraware can be integrated with your asset management infrastructure and run over a private network, configured on a hardware/software compliance custom-engineered for your specific data center environment and your asset volumes, or can even be deployed from a USB drive. It can erase in-cabinet (preferred for security and productivity reasons) or loose drives, and is the only solution certified to erase solid state drives to a forensic level. All told that means you have an efficient, scalable and highly secure solution for achieving consistently higher yields and SSD compatibility.

With the proper tools and internal processes, no longer must the purely financial interests of your company be at war with the security of your data, nor efforts to reduce your carbon footprint. For the first time, you can have your cake, and eat it too!

We hope you’ll return to this space to read the next installments of our blog series, or better yet subscribe to receive automated alerts as they are posted. In the meantime, you can learn more by visiting our Total Return page and reading this case study to see how we delivered a $14+-million annual Total Return to one of the world’s largest cloud providers. Then contact us to receive a free Total Return appraisal for your next data center disposition project.

 

view-doc-icon

Read our case study to see how we helped one customer achieve a $14+ million Total Return annual savings ❯❯