As many tape backup users -- and all tape vendors will tell you, tape storage is the unsung, unglamorous mainstay of data retention. Despite the low and declining costs of disk storage, tape, which is comparatively cheap to buy and has low energy costs, remains one of the most economical ways to store and back up data.
But what happens when you move up to a more modern format of tape, to disk backup, or simply choose to dispose of old tapes? For years, third parties have offered another option -- sell the tapes and recycle them to others customers. However, according to OEMs and others, this secondary tape market is fraught with risk. With no standards and no oversight, third parties frequently erase only the header information from the tapes they acquire, potentially leaving gigabytes of sensitive information available for perusal. While there don't appear to be any documented incidents of major data breaches occurring as a result of poor tape recycling practices, the potential for disaster is there.
Sensitive data still on recycled tapes
"We have purchased recycled tapes on the market and found that we could easily read large amounts of data, some of which could be considered sensitive, such as social security numbers and hospital records," said Tom Lally, vice president of Imation's commercial division. In fact, in lab tests run on 100 "recertified" tapes purchased commercially, Imation discovered intelligible information on one-third of the cartridges. And that's the kind of risk that should be a wakeup call for IT managers, he said. Furthermore, noted Lally, in Imation tests, multiple degaussing passes were needed to render data fully inaccessible; meaning that about the only practical solution for those intent on complete data destruction is shredding and/or incinerating the tape.
"What is driving this is profit. You can often make ten times as much selling recertified tape as compared to selling new tape," said Lally.
Chris Caprio, Imation's western regional sales manager, said the issue begins with motivation -- IT organizations that have accumulated large quantities of old data tapes. "When you have a business organization, invariably the data center manager is facing economic constraints and when someone comes along and offers to turn a liability in the form of old tapes into a financial asset, the decision is easy," he said.
In years past, said Caprio, when the regulatory environment was less onerous and when data on tapes was less densely packed and easier to erase, the risk was lower. However, with higher capacity media and particularly with LTO tape, which uses built-in servo tracks to steer the read/write heads and features much higher data density, erasure is more difficult. Only the most powerful degaussers can completely destroy data on a tape and when they do so, they also permanently destroy the servo tracks. Likewise, simply running the tapes and overwriting random data is time-consuming and generally uneconomic for recyclers. Then there is the proverbial 800-pound gorilla -- regulatory and legal risk from a data loss.
Use a trustworthy data destruction service
Caprio said the best method is to work with a trustworthy data destruction service that can certify the shredding of the tape and then show that it has been destroyed by an incineration service or reprocess the material into road paving material. "We like to talk about data stewardship," said Caprio. And, added Lally, "Some will say that we just want to sell more new tapes but the reality is that used tapes represent a small loss to us but a data breach could be a huge loss for one of our customers."
Finally, he added, there is the risk of the reliability of the media. "If you are trusting tape for important data you want to be sure that the tape is really in good condition."
Lally noted that Imation (like other manufacturers) will help facilitate destruction of tapes for its clients. "We will sometimes do it for no charge if we can come up with an appropriate agreement with our customer," he added.
Despite Imation's concerns, those in the tape destruction and recertification business defend their practices. For instance, Al Zoldos, vice president of technical sales at Staples Technology Solutions Division, said his company focuses on reliable and trustworthy handling of data. According to Zoldos, the cost to simply destroy a tape or cartridge is typically in the range of $0.75 to one dollar -- depending on the number of units involved. And, he added, another option can be simply trading up and letting the tape vendor handle the destruction of the old tape. He advised storage decision-makers to look for contract language that may cover tape destruction, avoiding the need to consider third-party providers entirely. In fact, Staples provides a range of services including on-site disposal or even selling degaussing gear to customers (ranging from table top models for doing single tapes to large units that can erase multiple tapes at once). "We also provide shredding services with third party witness to provide certification of destruction."
"We can pick up tapes for destruction and transport them to one of 89 waste-to-energy facilities across the country or an EPA certified landfill," said Zoldos.
Zoldos said his least favorite solution is electronic data eradication in which the data tracks on the tapes are rewritten with random ones and zeros. "The customers that want data eradication are usually trying to sell their used tapes and get some residual value from them," he said. Staples itself prefers not to be involved in buying used tape "though some customers would prefer us to do that, with all the compliance issues it just doesn't seem to be worth it," he added.
DataSpan, another company that handles used tapes, also takes a more positive view of the process. Michael Moore, an executive at DataSpan, claimed his company is one of the minority that handles the process responsibly. In particular, he said DataSpan conducts its work in accordance with Statement on Auditing Standards No. 70, (SAS 70 for short), an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). SAS 70, which specifies a kind of best practices for information control, is also referenced in the Sarbanes-Oxley Act of 2002.
"We have handled more than two million tapes and we have never had an instance of someone coming back and telling us they found residual data," he said.
Tape disposal advice
"Customers seeking to dispose of tape should be very specific about what they expect in terms of how the destruction process will work and that they expect tapes to be destroyed -- not reused," said Zoldos. Strategically, too, said Zoldos, it is important to plan for tape end-of-life and to have a plan for destroying tape and not just letting it pile up somewhere.
On the purchasing side, he also cautions about buying "bargain" tape from non-vendors or non-vendor certified sources. "It is very easy to make an old tape look new and the difference between the prices of old and new is substantial enough to make it very tempting," he said. "When you are acquiring tape you need to know the source and the sources source," he added.
The cost of tape disposal
According to Staples' Zoldos, there are some general rules of thumb to keep in mind. Destroying tape through a verifiable process typically costs about one dollar per unit. When it comes to buying used tapes, Zoldos said you won't necessarily save that much. "It depends on the format or model of tape. If it's a newer tape it can be only 20% less than new," he said. On the other hand, if it's a considerably older tape format, it could be as low as 25% to 30% of the cost of a new tape. That calculus doesn't reflect the unknown risks regarding wear and tear and the underlying condition of the tape, he added. Conversely, if you are thinking about selling tape, Zoldos said prices vary widely; newer format tapes tend to command much higher prices than older format based simply on supply and demand. Whether it is worth it to buy or sell used tapes is, he noted, something that individuals need to determine based on their own priorities.
Finally, Jay Heiser, a research vice president at Gartner, offers a somewhat contrarian view. "When you consider the priority level assigned to tape -- and the limited capabilities of the people usually assigned to move and maintain it -- it's not surprising that tapes get lost, and tapes lost in that way are the primary security concern," he said.
As to what he views as the far more exotic scenario of data getting lost through tape recycling, Heiser is dismissive. "Documented cases of data loss by that means are hard to find -- and if they occurred the data would probably be old and of limited value." Furthermore, he noted, the likelihood of someone turning stray data to a nefarious purpose is very low. "It would require a very methodical search to amount to anything," he said, and probably wouldn't much interest cyber criminals who already have established and fruitful means of obtaining useful data.
"If you are really worried, from a 'CYA' perspective and a social responsibility perspective, you should probably just make sure your data is encrypted -- then no matter what you don't have to worry," he added.
About this author: Alan Earls is a Boston-area freelance writer focused on business and technology, particularly data storage.