Hard drive data

Does cutting the platters into four pieces with a tin snips sufficiently destroy the data and/or make it irretrievable?



That's what I've been doing since I don't have a log splitter (as recommended in previous posts lol) and I'm not real tech savvy with wiping software, etc.

Thanks

i think wiping them with a magnet would be faster

Originally Posted by Mechanic688

Wiping the platters with a hard drive magnet will do it also.

Thanks guys, I've been wiping them with a microwave magnet and then cutting them up. I thought I read somewhere that wiping them with a magnet scrambles everything up but some data is left behind or something like that.

Is it sufficient, in most cases yes. If they are from anywhere covered by HIPAA it is absolutely not. The data could still be retrieved from very small pieces by someone who knows what they are doing.

Originally Posted by AuburnEwaste

Is it sufficient, in most cases yes. If they are from anywhere covered by HIPAA it is absolutely not. The data could still be retrieved from very small pieces by someone who knows what they are doing.

Not dealing with any HIPAA stuff, just nervous customers that are afraid to give me their computers for recycling due to the data on the hard drive. Just trying to assure them the data is destroyed otherwise I just take the hard drive out and leave it with them.

Another barrier to obtaining computers is, customers always have data on their old computer they still want but don't know how to retrieve it. What's the best way to do it, hook up the old HDD to the new computer via external HDD adapter or what?

You could do that, but you're not the GeekSquad, and they're not paying you what they'd pay the GeekSquad guy. If they've bought a new computer already, they should have had the data transferred by the vendor (unless they bought it online). Otherwise, they can transfer their data from their old computer to DropBox, Google Drive, or SkyDrive, and either keep it there so it's always easy to access or copy it over to their new machine. If they're too old-school or nervous to do that, then tell them to get one of those little USB flash drives (a.k.a. "stick" or "thumb drive") with enough capacity to hold their old data, and copy everything onto that. It's very nice of you to want to help them with their technology needs , but then you're getting into a whole other line of business! You'll end up spending all your time trying to help people figure out where the heck they put all their files, and later, when they discover that the file with their favorite picture from their vacation 3 years ago is missing, they'll come back and blame you. You need that like you need a hole in the head!

AuburnEwaste: Thanks to you, I learned something new today. I didn't know that HIPAA had compliance rules for data destruction. So I get the impression that different government agencies must have different standards for hard-drive data destruction. For example, DoD is not the same as HIPAA? I'm not in this business, so I've never had to worry about compliance. I just always assumed that there was a single "gold standard" required by all the government agencies.

Originally Posted by FLimits

You could do that, but you're not the GeekSquad, and they're not paying you what they'd pay the GeekSquad guy. If they've bought a new computer already, they should have had the data transferred by the vendor (unless they bought it online). Otherwise, they can transfer their data from their old computer to DropBox, Google Drive, or SkyDrive, and either keep it there so it's always easy to access or copy it over to their new machine. If they're too old-school or nervous to do that, then tell them to get one of those little USB flash drives (a.k.a. "stick" or "thumb drive") with enough capacity to hold their old data, and copy everything onto that. It's very nice of you to want to help them with their technology needs , but then you're getting into a whole other line of business! You'll end up spending all your time trying to help people figure out where the heck they put all their files, and later, when they discover that the file with their favorite picture from their vacation 3 years ago is missing, they'll come back and blame you. You need that like you need a hole in the head!

Thanks for the insight but I never planned on doing it for them, just informing them how to do it so they can retrieve their data and send the computer my way when they're done with it. Also, many of the old computers are dead so I don't know how you could transfer data via the methods you described. Any ideas for dealing with a dead machine?

Hi ScrapperSkip. Oh, good, I misunderstood. Glad you're not getting dragged into being their tech support guy just so you be their e-waste guy.

If their old computer won't power up, then just as you said, they would need to remove the drive from their old machine and use an external adapter to connect it to their new computer via a USB port. Then they can copy or move their data to the new machine's hard drive. The adapters are reasonably priced -- I think you can get one for under $20. Of course, it's always possible that their old computer died because the hard drive failed. In that case, either they'll have to use a backup (if they were remembering to back up their data regularly--unlike me) or they'll have to try to recover as much as possible from the old drive. For data recovery, if they want to try to do it themselves, they'll need to download data recovery software to the new computer. For PCs and Macs, they should be able to find something online that's either free or fairly cheap. Sometimes it's pretty easy to recover most or all of the data, but not always. Otherwise they can take it to whoever provides tech support in your area and have them do it.

I think I'm going to go back up my drive now...

Originally Posted by ScrapperSkip

Another barrier to obtaining computers is, customers always have data on their old computer they still want but don't know how to retrieve it. What's the best way to do it, hook up the old HDD to the new computer via external HDD adapter or what?

when that comes up, I offer to remove the hard drive for them before I leave the property. It useually isn't burried too far, and you have to take it apart eventually anyway

Originally Posted by ScrapperSkip

Not dealing with any HIPAA stuff, just nervous customers that are afraid to give me their computers for recycling due to the data on the hard drive. Just trying to assure them the data is destroyed otherwise I just take the hard drive out and leave it with them.

Another barrier to obtaining computers is, customers always have data on their old computer they still want but don't know how to retrieve it. What's the best way to do it, hook up the old HDD to the new computer via external HDD adapter or what?

I generally install it as a second drive in another system or use a USB drive to copy or transfer it

Some shops use a drill press and drill a couple of holes in the hard drive. If they have any concerns, you can always give them the hard drive back. Then there are no worries! I my shop, if I plan to keep the drive, I use Acronis Disc Cleaner to securely wipe the disk in a bench PC. It's easier for me as I have a computer repair shop. If you disassemble the drive, just deface the disk surface. If you cut the disks up, the only ones that might recover any bits of data would be the NSA, CIA, FBI, or maybe folks with the Black Helicopters. BTW: I just sold 11 pounds of hard drive circuit boards for $100.00 + shipping on eBay. The magnets (if you save up enough, should be of interest to folks building wind turbines (eBay)

As AuburnEwaste said, just using regular magnets generally isn't sufficient to prevent recovery of the data on a drive. Now that you guys have made me curious about this, I went and looked at the NIST's "Guidelines for Media Sanitization." (If you want to have a fun Sunday reading that, it's right here: http://csrc.nist.gov/publications/ni...ith-errata.pdf. Actually, it's probably not a bad idea to have a copy of it on hand so you can wave it around whenever a customer gets nervous about their data.) NIST defines 4 levels of "sanitization," from weakest to strongest:

(1) Disposal: You literally just throw the drive away, no data destruction.

(2) Clearing: You make it impossible to retrieve the data using standard tools such as data recovery software. Generally, the best way to do that is just to use a software tool to overwrite the drive. (There's a free program called Eraser that can be used for this, for example.) NIST says a single overwrite is usually enough.

(3) Purging: You make it impossible to retrieve any data even using non-standard, sophisticated recovery techniques and devices. To reach this level, NIST recommends degaussing, in which the disks are exposed to a very strong magnetic field. To satisfy NIST's requirements, you have to use an approved hard-drive degausser (and it looks like those start at $500).

(4) Destroying: In the end, NIST says good old physical destruction of the drive is the best, most foolproof way to prevent unwanted access to its data. This means total destruction, or as NIST puts it, "disintegration, incineration, pulverization, and melting." Which actually is what does finally happen to the scrap from these drives, I guess, right?

OK, if you're not asleep yet from reading this, here's one last detail that I thought was interesting: Almost every ATA/SATA drive manufactured since 2001 has a built-in suicide function called Secure Erase. Running that function completely destroys all the data on the drive and is just as effective as degaussing.

Glad this topic came up. I know there is a thread on degaussers and I just read it. I deal with bank computers,police and sheriff computers, and hospital computers. They claim to have wiped the drives themselves. I am paranoid and currently tear down the hard drives all the way, then destroy the platters completely. They are starting to want me to either shred completely on site or use a degausser that meets DOD standards. I will obviously charge for this service. Any of you guys do this? A degausser that meets the DOD standard starts around $6,000. Not sure what to do here.