Data Destruction Done Right!
eXcelisys Builds Monitoring Tool to Track & Audit Disk-Wiping Process
When banks, insurance companies, and health-care systems get the urge to purge, they call Archive Data Solutions. With a home base in Westerville, Ohio, Archive Data Solutions dispatches techs nationwide to wipe sensitive data from decommissioned hard drives and SSDs when they reach end-of-life.
“It’s not rocket science,” said Andy Haenszel of Archive Data Solutions, “but it can be overwhelming.” Haenszel said the issue is the sheer number of drives a company may have coming offline from servers and workstations, combined with the increasing capacities of those drives, making it a laborious process. Haenszel said many IT teams simply don’t have time to deal with it — plus, having an independent, third-party firm wipe the data helps with compliance.
How Does Data-Wiping Work?
To sanitize data, Archive Data Solutions uses a popular disk-wipe software program that runs on Linux. The software makes multiple passes over each disk, overwriting the data with zeros and ones until the “prior state,” or echo, can no longer be recovered.
Think of it like removing graffiti. If you wash it off the wall, remnants remain faintly readable underneath. A better solution is to “paint” over the wall until the graffiti is undecipherable. That’s essentially what data-sanitization software does.
The Quest for a Better Wipe
For years, Haenszel has been trying to make peace with the imperfect, off-the-shelf data-wiping software. “It functions very well for the average user trying to wipe a couple of drives at a time, but to use it at scale was just painful.” The problem was a lack of feedback, and lack of an end-to-end audit process.
Haenszel said Archive Data Solutions needed a better way to track every drive that entered the wiping process, view the progress along the way, and have a clear audit trail of the results. As Haenszel pointed out, many issues that can derail the process are out of their control — such as an onsite power failure, an OS that hangs, or a drive with power connectors that are bent. “If 100 drives were hooked up to wipe and the entire system went down for one of those reasons, we were not able to see eXactly where each drive stopped in the process.” The only option was to be safe and start the hours-long wiping process over again on every disk in the job. A wipe cycle can easily take 16 hours, so these “do-over” errors added up.
“I’m going to send someone halfway across the country and I don’t know what I’m walking into,” said Haenszel. “If I can’t track eXactly what’s going on in every drive in that system and have to repeat drives to be sure, I lose days and the project might not be profitable any longer.”
Seeking a data sanitization tool to help monitor the process, Haenszel contacted eXcelisys. He eXplained his pain points to web app developer Michael Suhrbier, who utilized the LEMP stack (Linux, NginX, MySQL & PHP) to create a wipe-monitoring tool. The stand-alone system runs on a Linux machine, isolating each drive in a job. When the drives are plugged in and the wiping starts, the monitoring tool displays the drives, models and serial numbers in the job, along with a color-coded process bar for each one.
Techs use the color coding to make a quick, accurate assessment of the destruction in process. Red indicates the process has been terminated, yellow indicates there is an issue needing attention, and green means all is well, the disk-wiping has completed successfully. “Michael’s framework allows me to see which need to be reprocessed and which finished,” said Haenszel. “Having full, 360-degree visibility is a night and day improvement over the software’s out-of-the-box functionality.”
- Remote monitoring. With the new data sanitization tool, techs can monitor a job off-site from a laptop or phone. When the project started, Haenszel was not even thinking about remote tracking. “It’s a nice add,” he said, “because it allows us to stay out of our customer’s way as much as possible. We can leave the site and return back hours later when it’s time to swap out the next round of drives.”
- Certificate of Destruction. Once the cycle has finished, the tech can click one button to generate a PDF “Certificate of Destruction” that lists the serial numbers of the drives destroyed in that job. The PDF can then be filed away for compliance.
Wiping out the Competition
The new data-wipe monitoring tool helps Archive Data Solutions complete jobs efficiently and accurately. Now, when a job finishes, the tech knows eXactly what happened with each disk and can even perform a cross-check audit of serial numbers in the run to ensure accuracy. Haenszel said the monitoring and auditing tool helps Archive Data Solutions outshine the competition because of the transparency and peace-of-mind it offers clients in knowing the job will get done right. “It definitely makes us stand out among the competition.”
Likewise, Haenszel thinks eXcelisys stands out among the competition. Before hiring eXcelisys, Haenszel worked with a couple other developers who “failed miserably” in figuring out a way to build a monitoring tool. Then, he remembered eXcelisys. Since 2008, Archive Data Solutions has used eXcelisy for FileMaker support. “I thought, ‘Hey, the FileMaker community is quirky and they tend to know Linux.’ ” A phone call later and the job was under way. “You guys have been really great,” he said. “eXcelisys took this four steps past what I would have even asked about.”