170 likes | 284 Views
Media Sanitization at the Idaho National Laboratory. Jonathan Bates. NLIT 2009. INL’s IT By the Numbers. 12,000 IT Devices owned by INL 9,000 Devices on the Network 5,500 Desktop & Laptop Computers Operating Systems (85% Windows, 9% Mac, 6% Linux)
E N D
Media Sanitization at the Idaho National Laboratory Jonathan Bates NLIT 2009
INL’s IT By the Numbers • 12,000 IT Devices owned by INL • 9,000 Devices on the Network • 5,500 Desktop & Laptop Computers • Operating Systems (85% Windows, 9% Mac, 6% Linux) • Dell Shop (95% Windows Based Computers are Dell) • Office Desktops – Dell Optiplex • Laptops – Dell Latitude • Engineering Workstations – Dell Precision
Protectthe data! Role of IT in Managing End of Life Technology Control Costs – keep the end in mind Go Green – reduce, reuse, and recycle
Importance of Media Tracking Tracking – Documentation – Verification Linking data: chain of custody Verification reporting Label generation
Sanitization Processes Two Previous Sanitization Processes • Clear media and re-use (3 pass overwrite) • Purge (degauss)
Clearing and Reusing • Pros • Media can be reused • Cons • Increased management complexity = • Increased security risk
Degaussing Pros and Cons • Pros • Fast purging of Magnetic Media • Cons • Media appeared to be intact after degaussing • Time spent in tracking and labeling degaussed media • Stacked media on pallets had to be stored in open area due to space needs • Increased auditor visits because media appeared to be fit for use
Taking sanitization to the next level • Changes needed to streamline our processes and tighten security • Reduce footprint • Reduce validation costs • Reduce time sanitizing media • Reduce time tracking media • Reduce security risk of data leakage
Our Solution… Destroy • Drive Disintegrator • Compact: 5 feet wide x 9 feet long x 8 feet high • Can disintegrate 20 drives per hour • Automated self-feed feature • Reduces media to ¼ inch unrecognizable fragments • Destroyed 7,456 drives last year!
Challenges Disintegrator design is critical • Mechanical • Operational • Maintenance Disintegrator vs. Shredder
Shredded material requires less space to store Reduced Footprint
Increased Physical Access Control • Reduced footprint allowed for move to new facility to improve security • Work area is secured by cipher locks • Hard drives and other media that are pending destruction are stored in a security cage within the work area, accessible only by key
Tighter Integration with Property Management Educating Property Management and Disposal personnel on identifying types of equipment to be submitted for sanitization
Streamlined Tracking • Need for continuous media tracking eliminated • All drive media destroyed • Redeployed computers receive new hard drive
The Future Continual Improvement Evaluating… • User-based or distributed processes • Sanitization methods for different media types • How is your lab sanitizing media?
Questions Jonathan Bates PC Redistribution Center Idaho National Laboratory Jonathan.Bates@inl.gov