an introduction to asset recovery
DESCRIPTION
A brief introduction to best practice in managing the retirment of used ICT equipmentTRANSCRIPT
Sims Metal Management LimitedASX Code: SGMNYSE Code: SMS
Securing the data on your retired electronic assets
Information Governance, Risk and Compliance
20/05/2010
2
Agenda
• What are the methods for retrieving data?• What are the recognised methods for destroying data, their
advantages and disadvantages• Understanding ICT equipment, the potential data it holds and
how best to destroy it• Methods of raising awareness for the need of a secure asset
retirement program• Information about your data – understanding what has been
destroyed• In summary who are Sims Recycling Solutions
– Why we are experts
Sims Metal Management LimitedASX Code: SGMNYSE Code: SMS
The Methods for Retrieving Data
With gratitude to Pete Warren, Investigative Journalist (ICT Industry)
3
Examples of Data Leakage
• In 2005 100 Hard Disk Drives bought on eBay for £5 each– 1 in 7 had valuable data on including– Paul McArtney’s financial records– Pension plans, customer databases, financial information, payroll records,
personnel details, login codes, and admin passwords for one of Europe’s largest financial services groups
• August 2008, computer bought on eBay for £35– Held personal data on a million customers from RBS, NatWest and American
Express (accidentally sold by their data holding company)
• 2008 Mobile phones case study – Glamorgan University– 161 phones were randomly bought on eBay: 82 still worked and of that:– 7% were deemed to hold enough info to allow for stolen identity– 7% would have allowed corporate fraud to take place– Of the Blackberry’s bought: 27% carried company data and 16% carried personal
data– One well-known Australian Senior Businessman’s phone revealed details of illicit
affair
Examples of Data Leakage
• In 2009 Hard Disk from eBay yielded secrets of the Lockheed Martin’s THAAD Missile Defence System (Star Wars)
– Names and phone numbers, templates for Lockheed, design documents, subcontractor documents, security policies and blueprints of facilities, as well as a Lockheed Test Launch Procedure PDF, employee personal info and social security numbers
• 2010: Warehouse in New Jersey - 4 photocopiers were randomly bought $300 each
– New York Police Sex Crimes Division, papers still left on copier but lists of offenders and victims were found on hard drive
– New York Narcotics Division, list of targets for major drugs raid– 95 pages of names, pay stubs and social security numbers– 300 pages of individual health records
• 2010 study into 43 USB Sticks bought on eBay– 2 (4%) were damaged and as a result, unreadable.– 2 (4%) had been effectively cleaned and contained no recoverable data– 20 (46% of the readable USB Storage devices) had been deleted or formatted, but still
contained recoverable data.– 41 (95% of the readable USB Storage devices) contained data that could be easily
recovered, • 8 (40%) contained sufficient information for the organisation that they had come
from to be identified. • 14 (70%) contained sufficient information for individuals to be identified.
Methods of retrieving data
• Recovery of data from equipment is incredibly sophisticated
• Recovery of data can be achieved from almost any device
• HDD from Shuttle Columbia’s black box– Found in dried up lake bed alongside Shuttle debris 6 months
after the catastrophe– Within 2 days Kroll Ontrack Inc. had recovered 99% of data
Pros and Cons of in-house solutions
• Pros– Data never leaves your location, so there is no risk of loss during transport to
a processing facility– Data is destroyed by your own trusted staff
• Cons– Destruction systems can be expensive and low volume processing will mean
a long return on investment– If staff are not fully trained and focused on task, they may miss items– Lack of space and/or resources to ensrue segregation between data
destroyed and non-data destroyed units– Data destruction can be a time consuming process– Your company will still have to deal with a third party to ensure appropriate
treatment of “waste” data destroyed units
Pros and Cons of outsourced solutions
• Pros– No capital investment required– Experts at data destruction using best practices
• May even operate to better standard than client’s– Third parties are able to handle multiple destruction methods and also advise on
the best methods for particular items– There does not need to be any volume issues through a third party– Waste disposal compliant with regulations– If something goes wrong, you have a liable partner with appropriate insurance
• Cons– Data may be transported off of your location (however new on-site services
available or alternatively ensure your supplier has secure logistics)– Data is handled/destroyed by non-employees– May require minimum destruction quantities greater than your needs– There are different types of contract available for electronic asset management,
you might get tied into a bad one, if inexperienced at asking right questions– If hardware is not disposed of properly, you could be included in a environmental
liability case (check the credentials of the company involved)
Sims Metal Management LimitedASX Code: SGMNYSE Code: SMS
Recognised methods for destroying data
Advantages and Disadvantages
What knowledge exists on data destruction?
• What are the standards that exist within this area?• What methods exist to achieve data destruction?
Data Destruction - terminology
• Guidance on secure data destruction is detailed in: – HMG IA Standard No. 5, Secure Sanitisation of Protectively Marked or Sensitive
Information, Issue 3.1, October 2009– Set standards for data erasure on magnetic, semiconductor and optical media through
overwriting and degaussing
• CESG (Communications Electronic Security Group)– National Technical Authority for Information Assurance– Concerned with data security through software deletion & degaussing
• Hardware destruction to acheive secure data destruction, to Government Standards, requires granulation to less than 6mm
• List X - Capability to transport, store & manage protectively marked data
Impact Level (IL)
IL Descriptor of Data
Secure Sanitation Level (SSL)
High or low security
6 Top Secret SSL3 High
5 Secret SSL3 High
4 Confidential SSL2 High
3 Restricted SSL2 Low
2 Protect SSL1 Low
1 Protect SSL1 Low
Data Destruction – Software based
• Examples of bespoke software certified by CESG– Blancco, DESlock, IBAS Expert Eraser, Kroll Ontrack, UltraErase
• Capable of SSL1 – SSL3 depending on the software solution
• Systems tested and ratified by QinetiQ• An appropriate system must use a trusted “boot” procedure to
ensure malicious code cannot be executed
• Appropriate systems must give you a detailed report on:– The disk capacity to be overwritten– The number user addressable areas that HAVE and HAVE NOT been
overwritten– The number of bad or unusable sectors that CANNOT be overwritten
• An overwriting sequence consists of overwrites a binary number (Octet), followed by its complement, followed by a random sequence
Data Destruction – Software based
The overwriting sequence can be repeated up to seven times depending on security requirements (to ensure full overwriting)
• Advantages:– Equipment can be reused– Software asset register can be
retrieved– Service can be tailored to needs
(control costs)– Highly portable
• Disadvantages:– Report of destruction only (no
visual confirmation)
– Only suitable for certain devices
– Relatively slow and labour intensive
Original Data
Data Wipe (1st pass)...
Data Wipe (2nd pass)...
... Subsequent passes.
Data Destruction – Hardware based, Degaussers
• Examples of Degaussers approved by CESG:– Verity (Verity Systems); Hard Disk Magnet Crusher (Future Technology
Industry);
• Equipment that generates a magnetic field powerful enough to destroy magnetically stored information on hard drives or solid state memory devices
• Coercivity – is the power of the magnetic field required to reduce the materials magnetisation to zero, some equipment requires higher ratings than other equipment (measured in Oersteds, Oe)
• Standards– The CESG standard approves equipment for both the higher and lower levels
of security
• Degaussers must be tested and retested for effectiveness:– Initially; whenever required by CESG; regular user testing
Data Destruction – Hardware based, Degaussers
• Advantages– Potentially suitable for any
type of electronic equipment– A medium speed for
processing– Highly portable– Component materials can
be recycled
• Disadvantages– No “visual” confirmation of
successful destruction
– No ability to “report” on success of destruction
– Operator dependant
– No reuse potential
Data Destruction – Physical destruction
• Government Standards exist for – Central Destruction Facility
• Standard refers to an approved facility capable of certified destruction• Approved organisations must all be certified to ISO9000 quality systems
– Destruction equipment• Standard refers to the equipment used for the certified destruction
• HMG IA standard generally refers to the use of a granulator to reduce equipment to flakes of less than 6mm in size
– Other appropriate methods of destruction include: fire; abrasion; explosives/thermite!!!
• With right systems in place, these systems are capable of safely destroying up to IL6
• Often the “granulated” material is then sent to recovery facility– Mixed with other high grade material– Processed into constituent materials via magnet systems, etc.
Data Destruction – Physical destruction
• Advantages:– Fast processing– New services are
transportable for “on-site” destruction
– Component materials can be recycled
– Visual confirmation of secure destruction
• Disadvantages– Not available for reuse– Fixed facility operators will
require secure transport
Sims Metal Management LimitedASX Code: SGMNYSE Code: SMS
Understanding ICT Equipment
Data risk by equipment and how to destroy it
What equipment is at risk?
• Open discussion – what equipment is at risk and what is the extent of that risk?
Desktop, laptops, servers
• Information– Comprehensive company
information
• Data Risk (100Gb upwards)
• Recommended Disposal– Software (allows reuse)– Physical Destruction
(perceived as more secure)
Printers, Scanners, Copiers, Faxes
• Data Risk many contain:– Internal hard drive (around
4Gb – 20Gb)– Digital “flash” card (1Gb) – Data is retained until
overwritten • Information
– Personnel Records, Passports, Reports
• Recommended Disposal– Software (allows reuse for
high value equipment)– Physical Destruction for
desk top units (low value)
Data storage media
• Data Risk– Almost any company
data is conceivable– 1Gb up to 100Gbs
• Recommended Disposal– No current (ratified)
method of achieving software deletion
– Physical Destruction
Communications devices
• Data Risk includes:– 1Gb+ flash and hard drive
memories• Information
– Personal data, bank accounts etc.
– Contacts– Emailed documents– Satellite navigation data
addresses• These devices are only just
getting data deletion options• Ratified methods for software
erasure only now being developed (Blancco)
• Recommended Disposal– Hardware destruction
Network equipment – Routers and Switches
• Data Risk– Not company data but
do contain network‐specific data such as static IP addresses which expose networks to external risk of infiltration
• Recommended Disposal– Physical Destruction
Point of sale, retail debit/credit terminals
• Data Risk– Some contain flash
memory
• Information– May contain personal
credit/debit information
• Recommended Disposal– Physical Destruction
Specialist equipment
• Medical and military equipment, etc
• Data Risk– Operation dependant
• Recommended Disposal– Physical Destruction
Sims Metal Management LimitedASX Code: SGMNYSE Code: SMS
Methods of Raising Awareness
How to kick start a secure asset recovery strategy
Methods of raising awareness – open discussion
• Survey conducted at Information Security 2009– 37% of employees would give away company info in exchange for a bribe
• Of that 37% the percentage breakdown of bribe was:– 63%... £1 million– 10%... Their mortgage paid off– 5%... For a holiday– 5%... For a new job– 4%... Paying off Credit Card debt– 2%... For a free slap up meal!!!
• 68% of employees felt it would be easy to sneak data out of a company
• In this culture, what are the possible ways to raise awareness for the issues of data security?
Sims Metal Management LimitedASX Code: SGMNYSE Code: SMS
Information about your data
Understanding what has been destroyed
Blancco Data Erasure Report – page 1
Blancco Data Erasure Report – page 2
WebView - Client billing report
• Asset Tag Data
• Recovery Details
• Unit re-use, recycle• Unique Blancco reference
number
WebView - Deleted software register report
• Activity and Tracking ID• Unit type• Serial number of Unit
• Operating System/License• Software product deleted
Information about your assets and data
• What other information would you find useful to know about your redundant electronic assets?
Sims Metal Management LimitedASX Code: SGMNYSE Code: SMS
Sims Recycling SolutionsICT Asset Management
In summary – Why we are experts
Sims Recycling Solutions - Global
• Turnover as part of Sims Metal Management - circa €5 bn.– World’s largest metals recycler (public company ASX/NYSE)– In 2009, Carbon Footprint was 319,256 Tonnes. Less than 3% of the total
carbon saved by our activities – over 13.6 Million Tonnes
• The world’s largest electronics recovery and recycling company– 38 facilities world-wide
• Over 400,000 tonnes of Electronics recovered annually– The equivalent to over 25 Million Desktop Computers– Excludes non-hazardous Large Domestic Appliances (Metal Management)
• Over 1.7m individual assets recovered for reuse annually• Over 15m individual Integrated Circuits recovered• Innovest’s Global 100 most sustainable companies 2010
(released at the Davos Summit 2010)
Standards and Licenses
• Management Systems in use, certified at all but 1 EU site:– ISO 9001:2000 - Quality standard– ISO 14001 - Environmental standard– OHSAS 18001 - H&S standard
• Asset Recovery operations have or are working towards – ISO 27001 - Security management standard
• Permits for:– All sites are registered to be Authorised Treatment Facilities for WEEE– Belgium, registered as Producer Compliance Scheme– Hazardous Waste Regulations (approved handling and storage)– Electronic scrap and End of Life products– Waste Management and Waste Carrier licences– Relevant technical competence qualifications (e.g. WAMITAB CoTC, UK)– Approved Microsoft Approved Refurbisher status (MAR)
• Data and Hardware destruction completed to:– HMG IA Standard No. 5 - Secure Sanitisation of Protectively Marked or
Sensitive Information, Issue 3.1, October 2009– Where necessary granulation of hardware can be achieved to less than 6mm
in line with Government Standards
38
Global Operations – Sims Recycling Solutions
38 Operations Globally
Australia4
Operations
EU14
Operations
California3
Operations
AsiaRepresentative
offices
Tennessee1 Operation
Canada1 Operation
Illinois2
Operations
India3
Operations
Singapore1 Operation
Florida2
Operations
South Carolina
2 Operations
Louisiana1 Operation
Nevada1 Operation
Arizona 1 Operation
New Zealand
1 Operation
South Africa1
Operations