| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200503311903.j2VJ3w0H023947@turing-police.cc.vt.edu> Date: Thu Mar 31 20:04:08 2005 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Secure Data Deletion Idea? On Thu, 31 Mar 2005 10:23:40 PST, John Blood said: > I'm thinking about what the possibilities for a secure > data deletion business would have in the United > States. Be prepared to travel. A *LOT*. The people who would pay for such a service are most likely not going to fedex the disks to you for deletion. So all the work will likely be on-site. Another problem you'll encounter is that the people who are willing to contract for such a service likely already *have* something in place - I'm currently looking at having to physically destroy some 100 or so old 4G and 9G drives off a RAID array that had sensitive data on it. But you'd have a hard time selling me your service, because we already have a chipper/shredder that's able to chew them up sufficiently. You're only going to be able to sell to the sites that are *just* realizing that they have a problem, and/or subcontract to those *very* large sites that are willing to outsource the problem to a bonded disposal company (yes, you'll need to be heavily bonded for this, for obvious reasons...) Whether you go for software cleaning or physical destruction, the biggest problem you'll face is figuring out the value-added that makes your service worthwhile when they can buy the same software themselves, or just pop down to the local hardware store and pick up a sledgehammer for a few dollars.... On the other hand, someplace you *can* make money is on the consulting side, tracking the data flow through the organization and identifying *all* the information leakage points (not just physical media, but Googlehacking and the like as well), and presenting them in a report with suggested resolutions... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050331/8456ca64/attachment.bin
Powered by blists - more mailing lists