Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
Log in  ::  Register  ::  Not logged in

'At-Rest Data-Leakage': The Euphemism

By Phil Factor,

I was at the local municipal dump the other day, throwing out all my rubbish. I like to keep my rubbish until all chance of it proving to be valuable has vanished. Sadly, that Hitachi laptop from the late nineties had to go, though that Cromemco from the late seventies remained secure from the crusher, for sentimental reasons.  As I stood back to hurl the laptop into the municipal skip, with a muttered farewell to an old friend, the supervisor took it firmly from me and placed it reverentially in a portakabin with a lot of other IT equipment.

I wondered why. ‘Does this go for recycling in China to extract the gold?’ I asked

‘not worth it, mate, but the hard drives fetch a bit.’

It wasn’t until I was half way home that it hit me. There are no useful metals in a disk drive. Why would anyone want hard disks from old laptops? The most valuable thing would be the data. Somehow, one keeps passwords, browser history, personal accounts and all sorts of clues as to one’s identity, possibly even confidential information from work.  So this is what we call ‘at-rest data leakage’.   When old archived information is stored on a PC, network, or on a backup system, and left unused in storage, then it can be retrieved easily because it is out of sight, and out of mind, of the security experts.

It set me thinking. How efficient are we generally about ensuring that any redundant equipment with data on it can never subsequently be read after it is disposed?  It always surprises me to meet people who are unaware that SQL Server files and backups can be read by anyone unless they are encrypted. We are lulled into a false sense of security by the fact that it is hard to circumvent the security system of a live database whereas it is easy to read the data files. The front door is locked and bolted, whereas the back door is flapping open.  If you let working drives leave the building in a readable state, you’re unintentionally in the publishing business.

Total article views: 83 | Views in the last 30 days: 1
Related Articles


Newbie DBA Looking for advice on Laptop for SQL learning!


Laptop Boy Scouts

This editorial was originally published on Jan 10, 2007. Steve is at DevConnections, so it is being ...


The Laptop is Back

I finally got my laptop today. I had to drive to the local Shell gas station to get it, but...


Netbook Replacing a Laptop

My laptop died recently, actually died completely, unable to boot. The hard drive was fine, and I ma...


Laptops Part 2

EarlierI mused a bit about when and why it makes sense to upgrade to a new laptop. One note I...

database weekly    

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones