But It Has To Be Fixed

It was reported in the news that a CD marked ‘Home Office’ and ‘Private and Confidential’ was found behind a keyboard when a system was taken to be repaired. The data was encrypted but it raises an interesting problem: How should you fix systems which contain sensitive data? Sensitive here doesn’t just mean customer information (although that is obviously important) it also means intellectual property as well.

If repairs can be done on-site, then that is obviously the best way as the data will not wander off. However if a system has to be taken away for repair then there is a possibility of data-loss. A new process or procedure may need to be developed and put into operation.

What is the data on the system, does it contain sensitive information, if so, then how will you protect it when it is offsite? If the failure is not a hard drive then perhaps that can be removed and stored safely on-site while the system is repaired. Alternatively, perhaps the disk needs to be completely erased (and the OS re-installed) before it goes away - this would need to be done in another system as the original one is broken. (It’s all backed up… isn’t it?!?!)

If it is the hard disk that has failed and perhaps it is going to a data recovery service then ask a few questions - how will the drive be looked after when it is offsite, is the data encrypted, does it matter if it goes missing? what would happen if it was lost while out of your control?

March 10, 2008 | Filed Under IT equipment, data-loss | Leave a Comment