Risk
10/31/2008
02:21 PM
Keith Ferrell
Keith Ferrell
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Recycled Storage Media Includes Confidential Data

We've said it before and often: if it's ever held data, don't throw it away no matter how sure you are it's been wiped clean. Now there's evidence that you shouldn't recycle old media either.

We've said it before and often: if it's ever held data, don't throw it away no matter how sure you are it's been wiped clean. Now there's evidence that you shouldn't recycle old media either.Imation, which makes storage tapes, has announced findings that indicate what many have long suspected: there's next to no way to remove all data from a tape (or other medium.)

Which makes re-using the tapes nearly as problematic as throwing them away. (And in most ways more problematic: recycled media remains in use and accessible; at least materials thrown in the trash have a chance of clogging our landfills instead of being mined for unerased data.)

Imation's case rests on the sheer capacity of modern backup media: if even a fraction of a percent of the material on a half-terabyte tape persists after "cleaning," that's multi-megabyte confidential business or personal information headache (or worse) waiting to happen.

The company purchased an assortment of recycled (and supposedly wiped) tapes from the recycled media market, tested them, and found everything from hospital patient records to bank audit information, credit card numbers and more.

Just as Maxell's Halloween backup promotion covered here yesterday recommended using only pristine media, Imation is in the storage media business: both companies are doing business.

But both are also making sound recommendations about storage media re-use, recycling and disposal.

The most dramatic reminder of the persistence of data is also the saddest: a hard disk recovered from the Space Shuttle Columbia disaster yielded readable information.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2970
Published: 2014-07-31
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5139. Reason: This candidate is a duplicate of CVE-2014-5139, and has also been used to refer to an unrelated topic that is currently outside the scope of CVE. This unrelated topic is a LibreSSL code change adding functionality ...

CVE-2014-0914
Published: 2014-07-30
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 6.x and 7.x through 7.5.0.6, Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 6.2 through 6.2.8 for Tivoli IT Asset Management f...

CVE-2014-0915
Published: 2014-07-30
Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2 through 6.2.8...

CVE-2014-0947
Published: 2014-07-30
Unspecified vulnerability in the server in IBM Rational Software Architect Design Manager 4.0.6 allows remote authenticated users to execute arbitrary code via a crafted update site.

CVE-2014-0948
Published: 2014-07-30
Unspecified vulnerability in IBM Rational Software Architect Design Manager and Rational Rhapsody Design Manager 3.x and 4.x before 4.0.7 allows remote authenticated users to execute arbitrary code via a crafted ZIP archive.

Best of the Web
Dark Reading Radio