Data destruction for the enterprise goes far beyond shredding, wiping and degaussing of data storage. Once data destruction processes move from desktops and laptops, hard drives and SSDs, into the data center, enterprise erasure and hyper-scale erasure are added to the getting-lengthier-all-the-time e-Media search and destroy punch list.
But that’s not all of it.
To clear the data, system hardware holding small amounts of network IP and other security keys must be reset to their factory defaults to flush the data and terminate unauthorized network access.
What to reset to data center factory defaults
As part of a comprehensive enterprise data destruction plan, we recommend focusing on two broad categories of network hardware to ensure that critical network data is cleared:
- reset data center switches, firewalls and routers to factory defaults, and
- reset network-integrated remote management controllers within servers, such as Dell’s iDRAC and HPE’s iLO, to factory defaults.
It’s important to understand that manufacturers have unique, proprietary processes to ensure that their devices are returned to their factory settings. In other words, each lock has its own kind of key. If factory default resets are processed incorrectly or not at all, the reuse and retained value of the server can be affected and the untouched network data may be an opening for unauthorized network and cyber-security access.
Why reset [switches, firewalls, routers and remote management controllers] to factory default settings?
After all, the chance of important data being on a network switch or firewall is astronomically small.
Yes. But you’re not looking for scads of social security numbers, credit card info or PPI on these devices. What you are pinpointing and removing through a factory default reset process is a small, integrated storage space (often 256MB or less) that holds valuable network information that is key to (un)authorized access to the network itself.
And that risk is real.
Imagine this: To remotely manage your company’s data network, IT managers use network management controllers.
Let’s say a nefarious actor finds or buys an end-of-life (EOL) network management controller that (score!) retains the configuration of the multinational enterprise.
Is it possible that: Your data-digging trespasser could glean valuable information…like an IP address associated with the organization? And if that IP address isn’t secured, is it possible to identify even more about the enterprise: infrastructure, management, layout, protocols and asset maintenance history to then extrapolate how the enterprise utilizes current production hardware akin to the compromised end-of-life piece? And then access the network…and all your active and stored data?
Bottom line: Something as benign as an active IP address lingering on a replaced or resold IT router, switch, firewall or remote management controller is a possible network security threat.
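One way to check for that lingering data before a device leaves the building, as an added example (not Guardian's tooling or any manufacturer's procedure): scan a text export of the device configuration for addresses, hostnames and credential lines that survived the reset. The sample exports, their syntax and the default hostname list are constructed assumptions.

```python
import ipaddress
import re

# Constructed samples (illustrative syntax, not a real device export).
RETAINED = """hostname dc1-core-sw03
ip address 10.20.30.4 255.255.255.0
ip default-gateway 10.20.30.1
snmp-server community ExampleRO ro
username netadmin secret 5 $1$constructed$hash
ntp server 192.0.2.10
"""
RESET = """hostname Switch
interface Vlan1
 no ip address
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
SECRET = re.compile(r"\b(password|secret|community|key)\b", re.I)
HOSTNAME = re.compile(r"^\s*hostname\s+(\S+)", re.I)

def _is_mask(addr):
    """True for contiguous netmasks (255.255.255.0, 0.0.0.0): not host data."""
    inv = ~int(addr) & 0xFFFFFFFF
    return (inv & (inv + 1)) == 0

def find_residuals(text, default_hostnames=("Switch", "Router"), default_ips=()):
    """Return (line_no, kind, detail) for every setting that survived the reset.
    default_hostnames/default_ips are assumed values; take real ones from vendor docs."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        m = HOSTNAME.match(line)
        if m and m.group(1) not in default_hostnames:
            findings.append((no, "hostname", m.group(1)))
        for token in IPV4.findall(line):
            try:
                addr = ipaddress.IPv4Address(token)
            except ValueError:
                continue  # an octet is out of range, so this is not an address
            if not _is_mask(addr) and token not in default_ips:
                findings.append((no, "ip", token))
        m = SECRET.search(line)
        if m:
            # Report the keyword only, so the audit log never copies the secret.
            findings.append((no, "credential", m.group(1).lower()))
    return findings

def is_clean(text, **defaults):
    """A device passes only when nothing organization-specific remains."""
    return not find_residuals(text, **defaults)
```

Any finding means the device still carries organization-specific network data and should go back through the manufacturer's reset procedure before release.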
Resetting data center remote management controllers to factory default
The demand for resetting network-integrated remote management controllers to factory default coincides with increased requests for onsite Network Reset. Like servers from Oracle, Cisco, etc., these devices have their own special network reset protocols. We’re seeing two primary manufacturer server management technologies in the field:
- HPE Integrated Lights-Out (iLO): iLO securely configures, monitors and updates Hewlett Packard Enterprise ProLiant servers, from anywhere in the world. This proprietary, embedded server management technology provides out-of-band management capability specifically to remotely monitor, automate and defend ProLiant systems against threats.
- Integrated Dell Remote Access Controller (iDRAC): iDRAC and DRAC are designed for secure local and remote server management and to help IT administrators deploy, update and monitor Dell’s PowerEdge servers anywhere, anytime.
Both Dell and HPE have similar out-of-band (aka accessing and managing network infrastructure at remote locations) management functionality to the lights-out management (LOM) technology offered by Sun/Oracle’s LOM port, the IBM Remote Supervisor Adapter and Cisco CIMC.
Restoring iLO and iDRAC to factory defaults ensures that sensitive, proprietary, or otherwise compromising infrastructural information is removed to close gateways to network security access.
Weighing the risks of [decommissioned, idle, warehoused, remarketed] remote server management
The Risk is real. The small bit of information discovered in an integrated remote server controller (256MB or less) may be the missing key that unlocks the network.
The Risk is manageable. iLO/iDRAC resetting is a complex but doable process that returns a high-value network device to factory defaults.
The Risk cannot be resolved by standard data sanitization practices. There are no easy workarounds. Resetting data center factory defaults is proprietary to each manufacturer, requiring prescribed steps that are independent of and in addition to other data destruction processes.
The Risk is only resolved by planning. Ten years ago, data destruction was relegated to only the most paranoid. Now it’s a baseline for data security. As IT hardware has developed, the planning for end-of-life and recommissioning has adapted. Today, every company with a managed network should be folding switches, firewalls, routers and remote management controllers into their greater IT asset disposition planning.
The Risk is dependent on many stakeholders. We see questions about network security and data destruction coming from multiple departments: IT, infosec, asset managers, CTOs, network managers, network architects, attorneys, procurement and even warehouse managers who are charged with disposition. Whatever your job title and responsibility, we recommend asking questions and sharing information to ensure that your company’s global and local data destruction policy is up to date and comprehensive.
A Quick Reference Guide to Enterprise Data Destruction
|IT Asset / Device / eMedia|Recommended Sanitization Options|
|---|---|
|Hard Drives, loose|Degauss, Pin, Shred or Erase|
|Solid State Drives, loose|Pin, Shred or Erase|
|Network Switch|Factory Reset or Shred the board|
|Network Router|Factory Reset or Shred the board|
|Network Hub|Factory Reset or Shred the board|
|Server|Pull Hot-Swap drives then Degauss, Pin, Shred or Erase. Search for internal drives, SATADOMs and flash drives. Once found, log and then either erase or pull and shred.|
|Server Integrated Remote Access Controller|Factory Reset|
|Storage Arrays|HDDs: Degauss, Pin, Shred or Erase. SSDs: Pin, Shred or Erase|
How to keep your kingdom safe by destroying access
Work with your internal team, stakeholders and your ITAD, VAR, MSP or reseller to develop a complete IT asset disposition plan for your office equipment and data center that includes:
- Inventory and tracking of any data-bearing asset (review this list for some surprises)
- Evaluation of exposure and tolerance for risk
- Third-party auditing and verification
- Vendors experienced in data center data storage and network architecture
- NAID AAA Certified shredding, erasure and degaussing of spinning hard disk drives, tape drives and SSDs
- Physical search of all data center servers with obvious and hidden data storage (see this guide if you aren’t familiar with M.2, PCIe and SATADOMs…to start)
- Reset data center factory defaults of switches, firewalls and routers
- Reset data center factory defaults of remote server management controllers
- Secure Transport of high value and live data
While the odds are remote that something could happen, the cost of a security breach due to benign neglect is infinitely more damaging, more expensive and more stressful.
If you’re looking for help in developing a data security plan for your data center or workforce, reach out to your ITAD or VAR. Or, reach out to Guardian. We’ll work with you to understand your needs and introduce you to a VAR or ITAD that meets your needs.