We have a new toy in the Vindicia office. It is a high-Oersted degausser.
Why might we need such a thing? It’s part of taking our responsibility for customer data seriously.
The industry best practice for securely erasing a hard drive is to enforce seven or more passes of non-sensitive data written to that hard drive. However, when you run a SaaS billing infrastructure at scale, you will have drive failures that are destructive enough that no operating system can write to those drives. Any hard drive we control that could hold a credit card number (encrypted or not) or a portion of a private cryptographic key has to at least have had “true secure deletion” performed on it. In the instances where we can’t perform those writes, our degausser performs the necessary task.
However, being the appropriately paranoid custodians of more than 50 million credit cards, we sent a test drive that had never held sensitive data out to a forensic data recovery service. We just received confirmation that no data was retrievable.
The bonus is that the degausser makes a satisfying sound reminiscent of the “Ecto Containment Unit” in the classic movie Ghostbusters, even including the green light when it’s time to remove the hard drive from its drawer.