Java Solaris Communities About Sun How to Buy United States Worldwide

Partner Feature

July 23, 2007 -- Sun partner PeakData, LLC of Niwot, Colo. has developed an innovative set of services, centered on data eradication, to attack a new category of financial and competitive risks head-on.

There was a time, not so long ago, when the primary data-management goal of IT organizations was to preserve data from various forms of loss - from issues related to such things as mechanical (hard) failure, software failure and natural disasters. But the world has changed. A new and multiplying batch of government regulations is keeping both CIOs and CFOs awake at night, according to CarrieAnne Curtis, Media Services general manager and data-security expert at PeakData. Now, enterprises are struggling to find fool-proof ways to get rid of their once-precious data.

Do you know where your data is? The cost of the new regulations

More than 30 new state and pending federal regulations are designed to protect individuals from the loss of their personal information maintained in organizations' IT systems. The net effect of these kinds of security-breach regulations, according to PeakData's Curtis, is that:

  • An organization must maintain total control of personal data it owns or licenses - at all times
  • If the organization loses track of this data for just minutes, or even seconds, applicable regulations demand that the organization notify, in writing, every individual whose information might possibly have been exposed
According to Curtis, the cost of this type of notification process can run as high as $125 to $175 per person. One well-publicized security-breach case cost the organization involved more than $10 million. Clearly, much is at stake in this new regulatory environment. But what to do?

To destroy or not to destroy?

"Ever more sensitive to complex compliance obligations," Michael Klatman, vice president of Marketing at PeakData, says, "many organizations have gone to extremes to protect data from falling into the wrong hands. In many cases, these extremes include the physical destruction of failed or retired disk drives: an approach that has negative economic as well as environmental consequences." The risks associated with these new regulations are real. But is it really necessary to destroy retired or broken disks in order to avoid falling afoul of the law?

While it eliminates business risk, physically destroying disks also destroys the residual economic value of those disks. And that can cost as much as $1,000 per disk. By contrast, the logical destruction of data through the process of disk eradication permits the enterprise to recover that economic value from their disk subsystem vendor: a strategy that pays for the eradication process many times over.

Destroying data...

Any organization that is destroying (or locking away) retired disk drives, according to Klatman, ought to consider using PeakData's disk-eradication services - whereby PeakData comes onsite and, using its own proprietary system and methodology, logically (rather than physically) removes the data - and certifies, according to the Department of Defense 5220.22-M standard1, that data cannot be recovered from the disk drives in question. Special technologies and methods are required to implement this standard because typical storage firmware and software are not designed to be able to purge all traces of data in this manner.

During the disk-eradication process, the customer's disks never leave the data center, according to PeakData's Curtis, and legacy storage subsystems do not need to be powered up, saving precious energy. Instead, PeakData technicians remove disks from their enclosures and place them in the company's unique Data Eradicator system chassis. The Data Eradicator then performs the minimum required three passes of binary rewrites (over each sector and bit) according to the DoD 5220.22-M standard.

...And proving it

Once the rewrites are complete, the unit automatically generates a customizable XML/PDF certificate for each disk, showing the (embedded) serial number of the disk, the number of passes made, the time and date of the operation, and the names of the technicians and witnesses present. In this way, PeakData can guarantee to its customers that the DoD 5220.22-M disk-eradication standard has been met - and that all of the old data has been purged.

Each Data Eradicator unit can process up to 36 disks at a time - and as many 10 units can be implemented simultaneously: which means that the systems can process 360 disks, or almost 15 terabytes, at once. And the unit is highly secure, according to Curtis, having no writable media of its own; instead, the Data Eradicator's specialized operating system and logic are contained solely on read-only CD/DVDs. The eradication system works with SCSI, FATA, mainframe or open-systems disks.

Sun Partner Advantage

"All of us at PeakData, and particularly in our new Media Services organization, are proud of what we are able to do for customers with our disk-eradication services," says Klatman. "Today, we can save enterprises potentially hundreds of thousands of dollars by recovering the residual value from their disk drives. Tomorrow, we look forward to partnering with other Sun value-added resellers in order to extend these same services - under their brands - throughout the country and, eventually, around the globe."

PeakData, which got its start in the mainframe market, provides its services today in the continental U.S., Alaska and Hawaii.

[1] DoD 5220.22M is government shorthand for the National Industrial Security Program Operating Manual (NISPOM)

 
Readers Survey
I found this article...
Not Informative   Informative   Very Informative
Comments:
Subscribe to Sun Newswire Now

Related
Sun Partner News Features - Archives
Sun.com Partner Advantage
Sun.com News
Contact About Sun News & Events Employment Site Map Privacy Terms of Use Trademarks Copyright 1994-2008 Sun Microsystems, Inc.