Storage Boards Cleanup
To make it easier to find information about HPE Storage products and solutions, we are doing spring cleaning. This includes consolidation of some older boards, and a simpler structure that more accurately reflects how people use HPE Storage.
Disk Arrays
cancel
Showing results for 
Search instead for 
Did you mean: 

Data security on HP EVA

Markus Gross
Occasional Contributor

Data security on HP EVA

Hello,

does anybody know, where i can get a verification, that data is lost on the disk, when one defect disk is replaced.
One Customer needs something like a certificate, that data on defective disks can not be restored...
4 REPLIES
Torsten.
Acclaimed Contributor

Re: Data security on HP EVA

>> a verification, that data is lost on the disk, when one defect disk is replaced.



There is still data on a defective disk.

Your service provider should confirm the disk will be destroyed (or at least data will be deleted) after a disk replacement.

AFAIR this is part of HPs business conditions and service contracts.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Johan Guldmyr
Honored Contributor

Re: Data security on HP EVA

I remember it like that as well.

If you want something in writing or a certificate, maybe you should take that up with HP.
Víctor Cespón
Honored Contributor

Re: Data security on HP EVA

Unless you physically destroy the drive platters, or use a degausser to demagnetize them, the data is still on the disk platters, they can be mounted and read if you have the required equipment. There are companies that do exactly that.

If the drive is returned to HP and can be repaired, all data in it will be erased, or else the disk will be destroyed.

Military installations and security agencies have an special agreement with HP and they do not return the disks. They have their own means of hardware disposal.

All this is explained here:

http://h40059.www4.hp.com/warranty/support/tc.php

During the testing/repair cycle, the disks will have a destructive pattern written onto them that will erase all previously held user data.

Even with the above processes, customers may still be reluctant to return defective disks due to confidential data contained on the disks. Customers who wish to retain the original disk will be required to purchase a replacement disk to affect the repair or, purchase the "Defective Material Retention" service offer.
Don Mallory
Trusted Contributor

Re: Data security on HP EVA

Some vendors have different rules around drives. HP and many others will allow you to not return the drive with an extra cost to you as noted by Victor.

Others (Seagate) will allow you to return the drive controller and drive arm. You get to keep the platters, at no extra cost.

Degaussers can be impacted by the rare earth magnets that are used as part of the drive head mechanism. It doesn't impact all drives, but I had a degausser run on a number of drives that was scheduled for destruction. They were then re-installed on a host and the host boot fine from them. Running the degausser for longer (up to 8 hours) had no impact.

If you have high security requirements (police services, military, HIPPA, etc.) you can either encrypt all data at rest on the drives from your hosts, which is hard to manage on a virtualised array like the EVA, or destroy the disks yourself.

I don't recommend encrypting all data, as it increases storage utilisation, drive CPU use on the server (to decrypt on the fly) and will impact the ability to do de-duplication of data on primary storage, or will require re-hydration, then de-dupe, then re-encryption to backups.

Note that destruction typically must be complete. Drilling a hole is not enough, as there is still enough platter surface to recover data. Use a hammer (large press, drive starts vertical, becomes a pancake. Refer to end of first Terminator movie for example), industrial shredder or melt it down.

There are services that can do each of these (ShredIt, Iron Mountain, etc.)

10 year ago, data could be recovered from drives over-written up to 12 times. I don't know what the current standard is.

Good luck,
Don