Enterprise Data Tape Destruction Projects Require the Right Approach
For large enterprises, media sanitization can be a difficult prospect — particularly when the target is terabytes or petabytes of data on magnetic tape media. The goal of media sanitization is to irrevocably render all data irrecoverable, and tape cartridges have unique characteristics that become more formidable at scale.
No two data tape destruction projects are identical, but the right approach can improve security and cost efficiency. Before beginning media sanitization, keep these considerations in mind.
Define the scope of your data sanitization project.
Enterprise-level data destruction projects can quickly grow beyond their allotted budgets. CIOs and other decision-makers need to identify potential bottlenecks and set goals early in the project, and while this isn’t always easy, it’s an essential first step.
Start by collecting information about the size, format, and number of target tapes. Resist the urge to handle data destruction in-house; as we’ll discuss momentarily, physically destroying tape cartridges can present challenges, and to reliably verify sanitization, personnel will need extensive experience with the type of media they’re handling.
Finally, keep a paper trail. Great recordkeeping is an essential component of any data security project — and needless to say, recordkeeping is frequently neglected. Your enterprise should be able to demonstrate the methods used to sanitize media and should be able to identify all media involved in the project. These records can be useful for planning future projects and establishing better IT security practices overall.
Choose a secure data sanitization method.
Many CIOs assume that sanitization requires physical destruction. That’s not necessarily the case; since physical media destruction can increase the budget for the project, it shouldn’t be the default method.
Nevertheless, one 2009 research report from Enterprise Strategy Group found that 53% of large enterprises used brute-force methods (in other words, physical destruction techniques) to sanitize storage data. In many cases, these physical methods aren’t designed for magnetic tape media, and as a result, they’re largely ineffective from a security standpoint.
Common sanitization techniques for data tapes include:
● Degaussing – For many tape formats, degaussing is effective, but the process must be handled (and verified) by experienced professionals. Improper degaussing techniques can leave usable data in place. Our blog “Why Degaussing Tape Backup Cartridges Isn’t Secure Sanitization” provides additional details.
● Cryptographic Erase – This logical process erases cryptographic keys, rendering the device inaccessible. While this is an acceptable means of partial sanitization, it can make verification (and documentation) much more difficult.
● Shredding – Tape is thin and flexible, and hardware shredders cannot reliably shred tape to eliminate usable data. While shredding is a common method of sanitization, it creates security hazards.
● Incineration – Incineration is secure, but has a serious environmental impact. As a result, some incineration service providers enforce daily limits for data cartridges, which can increase the scope of the project.
Degaussing is a superior option for sanitization, but the process must be performed in a controlled setting by experienced tape specialists. Commercial degaussers can leave small fragments of data intact — while the data will be difficult to restore, partial data recovery is not impossible, and malicious actors can cause a lot of damage with a limited amount of information.
Don’t send old tapes to a landfill (or give them away).
Many sanitization techniques eliminate data without ruining the media. If your enterprise is upgrading to a newer format — or if tapes are nearing the end of their expected storage lifespan — you might decide to recoup some of the costs of the data destruction project by selling the old cartridges.
However, even if you’ve verified erasure, selling or donating your used data tapes can deliver useful information to bad actors and open up data exfiltration vectors. LTO-8 tapes, for instance, have a 16-megabyte Cartridge Memory chip that stores the cartridge’s age, load frequency, error accumulation, and other basic information. Cyber criminals could potentially use that info when planning an attack.
Sending tapes to a landfill presents the same security concerns (along with brand-new environmental considerations). Of course, security issues can be mitigated with proper erasure verification procedures, and Total Data Migration provides environmentally friendly disposal alternatives.
By working with experts, your enterprise can allocate resources more effectively while securely eradicating sensitive data. As industry leaders in tape services, we’re ready to help. Contact us online to schedule a consultation or call (800) 460-7599.