.

News

Refurbishment of TCG-Encrypted Hard Drives Technology

Genesis: Refurbishment of TCG-Encrypted Hard Drives

In a world where data security is paramount, encryption technologies like those developed by the Trusted Computing Group (TCG) are crucial for protecting sensitive information stored on Enterprise-level Hard Drives. These technologies encrypt data on the device, safeguarding it from unauthorised access. Despite their benefits, TCG’s approach, favoured by many leading storage vendors, poses significant challenges, especially when it comes to hard drive reuse and data sanitisation. We look at the challenges in the Refurbishment of TCG-Encrypted Hard Drives.

The Dilemma of Encrypted Drives

Typically, standard SEDs manage encryption internally at the firmware level. TCG-encrypted drives, however, are controlled by the host system, such as a storage array. This means that once a TCG-encrypted drive is removed from its host environment, it becomes unusable.  Consequently, these drives cannot be sanitised or repurposed using conventional techniques. Especially if removed from their original environment, which leads to the unnecessary physical destruction of millions of functional drives—an environmentally and financially detrimental scenario.

Adding to the complexity, the interpretation and deviation of the lengthy and involved TCG standard have varied among vendors, with some using the technology to tie devices exclusively to their ecosystems. This practice prevents using drives as generic or refurbished devices, further complicating the drive lifecycle management.

Genesis: Pioneering Hard Drive Refurbishment

Ultratest’s Genesis emerges as a cutting-edge solution to these challenges. It introduces a seamless and automated process for managing TCG encryption, unlocking drives, and restoring their full functionality. This innovation allows drives to be securely erased, tested, and repaired while safeguarding user data. Genesis ensures drives are correctly unlocked for general use after processing. This distinguishes it from other market offerings that might leave drives locked and inoperable.

Ultratest Genesis HDD & SSD Repair & Data Erasure

Advantages of Genesis

Genesis brings remarkable benefits to the table, enhancing both data security and environmental sustainability. It enables drives to be securely wiped and refurbished to a like-new condition, thereby extending their lifespan and reducing electronic waste. Moreover, Genesis promotes a circular economy by allowing the secure, sustainable reuse of data storage assets. This is a win-win for businesses, consumers, and the environment alike.

Conclusion

As concerns over data security and environmental impact intensify, solutions like Genesis from Ultratest represent a significant step forward. By aligning with TCG encryption methods and revolutionising Refurbishment of TCG-Encrypted Hard Drives, Genesis protects data and promotes the reuse and longevity of hard drives. This innovative approach contributes to a more secure digital landscape and supports sustainability in the technology sector.To learn more, talk to the Ultratest team. Contact us here or call on +44 1438 211200.

Ultratest Genesis HDD & SSD Repair & Data Erasure Technology

Advanced Hard Drive Repair from Ultratest Genesis

Ultratest Genesis: Advanced Hard Drive Repair, Testing, and Data Erasure for Device Longevity

Overview

Genesis has the ability to restore the drive to its optimal operational state. This is achieved by implementing advanced technological tools for diagnostics and repairs.

Our team comprises highly skilled professionals. They have a superior understanding of the functional operation and software of a wide range of data storage devices. We have gained this knowledge from years of research and development-based engineering. Therefore, we are confident that our system will meet and exceed your expectations while delivering accurate results.

The repair process

The Genesis repair process begins with identifying the drive manufacturer and its generation (“family”). Post-identification, the system considers specific circumstances, such as known issues and nuances unique to each device, enabling the system to tune the processes during subsequent tests. This ensures the most accurate, efficient and effective repair process possible.

Genesis Hard Drive test ports for SAS and SATA HDD/SSD

During the initial testing phases, the software scans for critical issues, such as helium gas leaks in modern helium-filled drives. This early detection allows stopping the testing as soon as possible, which reduces the overall time required for testing. Consequently, it improves the efficiency of the testing process.

The Genesis platform utilises “dynamic schedules” to control the test and repair process. This feature enables flexible adjustments to the test process on the fly for any specific drive, including different methods for either Hard Drives (HDD) or Solid State Drives (SSD), among many other unique factors. The backend code has intelligent logic, which makes this approach highly efficient.

Reliable results every time

Our testing systems are designed to produce efficient and accurate results in the shortest possible time. We don’t simply clear defect tables to declare a drive usable. Instead, we use a highly developed advanced technique and engineering process specific to each manufacturer to perform actual repairs. These methods are far more sophisticated than simply resetting the drive. This allows us to provide more effective and long-lasting results.

To avoid any confusion regarding the criteria for a “good drive”, we created the Guardian Score, a grading system, to evaluate the quality of drives based on three categories: Grade A, Grade B and Grade C. These grades correspond to “fully functional”, “functioning with minor issues”, and “functioning with major issues”, respectively. Moreover, we have provided an option for our customers to customise the grading according to their specific needs based on either a drive-health percentage or the number of defects within the G-List.

Only drives where the media is defect-free are considered Grade A“.

States project lead: Mikhail Mavritsin

Data-Driven Results

An assortment of diverse testing conditions and criteria subject the drive’s repair procedure to rigorous evaluation to ensure the stability of the results. Passing all the tests and undergoing repair increases the likelihood of the drive’s longevity. To achieve accurate results, strict requirements for average performance in all operations, known as “timings,” are closely monitored. We constantly evaluate that the test criteria for the repair procedure align as closely as possible with the actual situation in a particular device. The test software can fine-tune the baseline criteria for each type of device, including features of SMR drives and SSDs, allowing optimal performance.

Ensuring the reliability of test results depends on countless factors derived from the vast amount of accumulated data and statistics. Statistics are based on results from over 4 million HDD & SSD devices. Including varying capacities, models, generations and many other unique attributes. Our data has shown that products processed by Genesis have an extremely stable and high yield with a minimum number of returns/warranty claims for our customers, typically well under 1%.  

Our commitment

At Ultratest, we take pride in our unique approach to test system development. We firmly believe that our personal and tailored approach with customers sets us apart.  We have the technical capability and willingness to conduct device failure analysis to investigate the most unusual behaviour for frequent or rare issues. This helps us promptly enhance test algorithms’ quality, assessment criteria, and the list of supported products.

Further product information can be found here, or contact the team to discuss in more depth.

Technology

Do I have to Erase a Network Switch?

Do I have to Erase a Network Switch? It’s a good question, why erase a Network Switch, a router, a firewall or even an access point? They’re not data-bearing devices like a Hard Drive or Mobile Phone. Surely a factory reset or a format or deleting the config will do the trick?

A Hackers potential delight!

Unfortunately, not. Networking devices are data-bearing devices, not in the true sense of the word, in terms of user GDPR-type personal data, but they contain extremely precious and sensitive information. The config data can include passwords, IP Addresses, and Domain Names. If you can determine the device’s original location, it’s like leaving your keys hanging outside your front door. It could be a hacker’s delight.

Hang on; surely an IT Manager would change the passwords and config data when removing an asset from their network. You’ll be surprised to hear it’s not always the case. I recall a conversation from a few months back of a scenario where an IT Operator was tasked with upgrading the Firewall on their Network. To save time and effort, the simplest method to swap the device was to back up the data on the old firewall and restore the config to the new device. Hey, presto! Job done! However, the old appliance, now on its way to their trusty ITAD, had the same security credentials & passwords as the live device in the Network. Whoops!

OK, so how do you Erase a device?

So, how do you erase a Networking Device? Sadly, it’s not as simple as it should or could be. The Networking device manufacturers should have focused more on effective & safe data erasure than they have. There is now a ‘Write Erase’ command on some of the newer products, which does as it says on the tin. For everything else… it depends. The first issue is to find where the data is stored. Devices have multiple internal data storage media, including; NVRAM, Flash, and SSD, to name a few.

The challenge continues; identify all the storage within the product, and you must safely remove the data. We are all familiar that to erase data from a Hard Drive or SSD, deleting or formatting doesn’t remove data. It just informs the device that you can use that part of the media for storing new data; eventually, the old data will be over-written. The same theory can be applied to the storage media on a Networking device. As with an HDD or SSD, the only effective method to safely remove data is performing a complete overwrite of the media. Typically, this is done by writing a random data pattern to fill up the media, therefore overwriting any data that was previously there.

Is there a Solution available?

The market has reacted slowly, and even some of the largest Data Erasure Software providers have struggled to provide a reliable solution. The issue is that to perform this overwrite, you need to take control of the device. A compelling blend of hardware & software is the only reliable approach.

Ultratest offers a powerful solution named Nemesis, the only ADISA-certified Network Erasure Solution available. We invite you to learn how Nemesis can benefit you; read on…

Corporate

Genesis recertified ADISA Product Assurance

Genesis recertified ADISA Product Assurance, including NIST 800-88

We are excited to announce that Genesis, the leading solution for repairing, testing, and wiping Hard Drives & SSDs, has successfully recertified through the ADISA Product Assurance Scheme.

Genesis was the first product certified under the Product Assurance scheme in 2019.  The scheme has been enhanced to now include NIST 800-88 compliance verification.

Genesis, the most advanced solution

Over many years, Genesis has earned a reputation as the leading solution for processing used Hard Drives & SSD. Unlike other products that merely test and erase devices before resale, Genesis utilises advanced techniques and processes, typically reserved for the drive manufacturers, to restore health and ensure the highest quality. Furthermore, Genesis boasts a remarkable yield rate thanks to its superior ability to unlock drives that other solutions cannot.

Over many years, Genesis has earned a reputation as the leading solution for processing used Hard Drives & SSD. Unlike other products that merely test and erase devices before resale, Genesis utilises advanced techniques and processes, typically reserved for the drive manufacturers, to restore health and ensure the highest quality. Furthermore, Genesis boasts a remarkable yield rate thanks to its superior ability to unlock drives that other solutions cannot.

Who is ADISA Certification, and what is Product Assurance

ADISA Certification is the go-to organisation for product and service certification. Their ADISA Research Centre (ARC) is an independent certification body that conducts product certification. The certification schemes’ purpose is to evaluate sanitisation software’s effectiveness using the Product Assurance (PA) scheme provided by ARC. This scheme scrutinises whether data sanitisation products can comply with sanitisation standards and guidelines, specifically NIST Special Publication 800-88 Revision 1 and/or IEEE Std 2882-2022, by assessing if the product can issue standard-compliant commands to storage media.

What is NIST 800-88?

NIST 800-88, also known as NIST Special Publication 800-88 (NIST SP 800-88), has become the industry standard for data erasure and provides comprehensive guidance on safely & effectively erasing data from storage media. The standard was initially created for the US government use but has since been adopted by companies and governments worldwide to ensure secure media sanitisation. 

The NIST guidelines cover all types of storage media, including magnetic, flash-based, and other technologies, and outline three sanitisation techniques: Clear, Purge, and Destroy. The ultimate goal is to ensure that all data stored on the media is permanently erased and cannot be retrieved.

ADISA ARC Test Conclusions

The Product Assurance tests include 14 separate examinations of compliance with the NIST SP 800-88r1 guidelines. To be considered compliant, the laboratory must verify the commands sent to the device in either Table A-5 or Table A-8 of NIST SP 800-88r1.

During the tests that required verification of NIST SP 800-88r1 CLEAR, the ARC determined that all tested devices were compliant because the software’s commands matched the specifications in NIST SP 800-88r1.

Similarly, during the tests that required NIST SP 800-88r1 PURGE verification, the ARC found that all tested devices were compliant because the software’s commands matched the specifications in NIST SP 800-88r1.

Steve Mellings, Founder & CEO of ADISA Group, commented…

“Compliance to NIST 800-88 guidelines means much more than having a dropdown on the software; the sanitisation engine must issue specific commands to drives based on their type and interface. The software must also react to the drive if the command is not supported again, issuing a different command to achieve the desired outcome. Our testing of Genesis was done over several weeks. It involved many combinations to ensure we are confident that it complies with the sanitisation requirements as listed in NIST 800-88”.

Thomas Gardner, Product Sales Specialist at Ultratest Solutions, continued…

“Certifications genuinely reflect the hard work, dedication, research, and investment it takes to create a market-leading product. Our solution has been endorsed by ADISA, the reputable certification organisation recognised worldwide. This endorsement assures our customers that our product meets all industry standards, such as NIST, giving them the utmost confidence in our solution”.

For further information, please get in touch with us here, or contact ADISA Certification at https://adisarc.com.

Product Update

Expand your Hard Drive production with GenesisXP

Increase throughput, reduce cost and grow revenue.

Margins in the Hard Drive processing sector have been under pressure for some time. As a result, we have designed GenesisXP to reduce operating costs, increase revenue, and ensure compliance.

How does it work?

Genesis provides industry-leading technology and repair capabilities, not seen in any other solution. Uniquely, the functionality delivers unparalleled results with the highest possible yield. GenesisXP enables the expansion of your Genesis infrastructure by attaching additional Disk Enclosures (JBODs) for Test, Erasure & Grading.

What is equally important, failed drives from GenesisXP or passes at Grade B or C, maybe repairable. Genesis can recover and refurbish many of these devices. In essence; Increased throughput, reduced cost and revenue growth.

GenesisXP Server

All Genesis Systems (8, 16, 32, 64 & 96-Port) are compatible with GenesisXP.  The XP solution is connected through a dedicated Server with four SAS/SATA (SAS 3G/6G/12G) outputs attaching to your chosen Disk Enclosures.  The Server can be installed neatly in the Genesis cabinet, likewise externally in a Disk Enclosure cabinet of your choice.  GenesisXP is compatible with all the major enclosure brands, except IBM StorWize.

GenesisXP Screenshot
GenesisXP JBOD Selection Screen

Integrated Solution & GUI

GenesisXP seamlessly integrates into the Aurora GUI/TouchScreen.  Simply toggle through the enclosures to view individual drives on test.  The Ultratest Online Web Portal is used to manage all test/erasure processes.

View individual drives & test logs

Licencing options

GenesisXP licensing is available for all Genesis configurations, providing additional concurrent active ports, of; 32, 64, 96 or 120+. Testing of over 120 drives is possible with potential performance deficits. Installation of additional servers will provide maximum test speeds. We would advise running additional GenesisXP servers to retain the highest possible speed.

Contact us for further information and pricing.

Technology

ITAD’S, ARE YOU SURE YOU’RE PROCESSING YOUR NETWORK PRODUCTS…

Written By Adam Burrett (Network Engineer, Nemesis Designer)

Introduction

When networking hardware is in use, network engineers are conscious to make sure they can always get back to a working configuration without having to redo the whole thing.  Especially if it is remote.

So they tend to make a backup of the running / start-up config onto flash (I know, I used to).  They may also carry out packet traces on the device, and store these in the flash and not delete it once finished.  If this is a device that carries voice traffic that could include voice calls.  With the right knowledge, you can download that file and listen to the call.

When that device becomes end of life the following need to happen:

  1. The startup configuration is erased
  2. Any backup configs are erased
  3. Any traces are erased
  4. Any file, that is not an operating system, is erased

You will notice that I have bolded the word erased.  This is because erased data is not the same thing as deleted data.

If you delete a file from flash, you have not deleted it.  You have removed the pointers to that file, and marked it to be overwritten when more storage is needed. 

Flash tends to only allow you the option to format to totally clear it.  This again, does not delete any of the data.

This data can be recovered using the right tools, in some instances just a compact flash card reader and a Hex editor.

The challenges

Maintaining Value

The main problem when processing networking equipment is that there are so many different types, each with their own unique processing method and varying levels of erasure commands.

The second major problem is maintaining the value of the asset.  One wrong command and you can turn a £2000 switch into a £200 switch, or a piece of scrap.

A large number of ITAD companies currently sell their networking devices in bulk to upstream vendors for a much reduced value, potentially losing thousands of pounds on each batch they sell.

Complete Data Erasure

To date ITAD company’s process networking equipment follows the NIST Clear standard.  This is the only standard that has been available to them.  Using the NIST clear, and manual deletion options has a high risk of missing user data and sending devices out with confidential customer data (i.e. passwords, customer names etc.).

There is a NIST Purge standard for network equipment, but this is vendor and product specific and does not lend itself to the objective of maximising the retained value of the asset as it will clear all software and licenses at the same time.  If the ITAD is not careful, this may not be recoverable to an operational system and will result in loss of revenue for them.  In time, this will then increase the costs of those services to you the disposal customer.

Processing Time

To process a device to NIST Purge can take time to ensure that all user data is cleared, depending on the device.  This also requires a reasonable knowledge of networking hardware to either know the commands, or know how to get the commands. 

Staff resource

The majority of companies that process their own networking equipment rely on a single member of staff, so when that person is absent no networking equipment is processed.

The Solution

The new Nemesis Network Erasure product from Ultratest Solutions marks a revolutionary step forward in the processing of networking equipment collected by ITAD companies.

By utilising the Nemesis you gain the following:

  1. Simple to use, reliable and repeatable erasure process

Your Teams do not need to understand every device they are erasing.  The solution detects the type of device, and processes it accordingly.  It is just point and click.

  • Allows erasure of products even if the OS has been deleted by the customer before the ITAD collected the devices.
  • Utilises the VIP (Vendor Independent Purge) standard developed by Ultratest engineers to ensure that all data is fully erased.
  • Confidence in providing erasure certificates that can be complimented by a full erasure report that can be provided to the customer.
  • Maximise the value of any asset by bringing the device fully into an operation condition at the end of the erasure process.

To find out more, as to how Nemesis can benefit your operation, please get in contact and we will be happy to arrange a time for a consultative call to discuss your individual needs and challenges.

Corporate

Ultratest joins ASCDI

Ultratest are excited to of joined ASCDI, one of the leading & most established trade association in the ICT sector.

We are looking forward to proactively contributing, along with our fellow members, to help create a safer and more sustainable industry, by promoting more secure and ecologically sound processes and practices.

Announcement – ASCDI Website

Technology

“Let’s not focus on the ‘r’ word, within a…

When discussing key attributes and intricacies within a Circular Economy the word that is bounded around more than any other is ‘Recycling’.  While recycling is a component of the Circular Economy, it should be by default the last and final by-product, and thus its status should be very much last in the conversation.

The dialogue that should precede the ‘R’ word should include such topics as; ‘Circular Design’, ‘Reuse’, ‘Rental’ and ‘as a Service’ or ‘subscription’.  Thankfully, global manufacturers are starting to consider these key objectives when developing products and services.  Questions such as; how can product design best compliment a circular economy and deliver sustainability with minimal impact on the environment are paramount.

As a smaller manufacturer, at Ultratest Solutions we still asked ourselves that very same question.  Let us look at how this steered our product development and philosophy when designing Genesis.

By the nature of our solution, Genesis is designed to enable the reuse of millions of Hard Drives & SSDs, rather than condemning them to the shredder and subsequently the waste stream.  All-be-that fantastic, we are still talking about the ‘R’ word or at best reuse & product upcycling.

We took the decision to develop our solution based on a ‘Rental’ and ‘Subscription’ model, so why?  Typically, one-off sales of product tend to be linear.  Products are sold and when no longer needed tend to be scrapped or hopefully repurposed.  Therefore, by working on a rental and subscription basis, we as the manufacturer, have understanding of where our products are and when a customer no longer requires the solution we have the ability to recall the hardware so that we can refurbish, update and re-deploy with a new client.  The subscription element is also crucial, as without it the product has no function, even should the product fall into the wrong hands, without our knowledge or consent, they would have to contact us enable functionality and bring any value back to the solution.  Thus enabling us to keep control of it use and lifespan.

Initial design and production methods are taken into account when developing solutions.  Genesis is designed in a modular format.  Where possible, non-proprietary products have been utilised, so that in the event a particular piece of equipment being no longer required, it can be repurposed for general use, outside of our intended application.

Initial design and production methods are taken into account when developing solutions.  Genesis is designed in a modular format.  Where possible, non-proprietary products have been utilised, so that in the event a particular piece of equipment being no longer required, it can be repurposed for general use, outside of our intended application.

Proprietary components of the solution have been designed in a method whereby individual components can be upgraded while retaining the highest number of standard components, such as metal chassis and drive load bays etc.

Since we lease our solutions and the customer is not the owner of the equipment, it is very easy to run client upgrade programs when required, as we have knowledge of the locations and ownership of the product.

This approach is far from being unique, but is generally rare for a small to medium size manufacturer.  However, it is a model that can be adopted by many and would greatly support the achievement a more sustainable existence.

We are happy to talk about our experiences and challenges, so please do feel free to make contact.

Media

How a processor brought drive wiping and repair to…

Read the latest article on Genesis, from E-Scrap News’s Jarod Paben

Amid growing data security concerns, U.K.-based Ultratec has seen greater reluctance among its customers to ship unwiped drives to Ultratec’s plants for data sanitization. Bringing drive processing capabilities to customers’ sites alleviates those concerns.

Ultratec, a group of U.K. companies specializing in wiping, repairing and testing HDDs and SDDs, launched a product called Genesis this year. A hardware and software platform, Genesis erases, tests and repairs drives.

Read the full article here.

Technology

‘Can I make my ITAD process more profitable’?

Absolutely you can, let us explain how & why. We fully understand that End-User clients will stipulate which Data Erasure methods and certifications (CPA, Common Criteria, DIPCOG, TUV, NATO, ADISA etc.) to be used. Some may even demand a specific software vendor. It’s a minefield for customers, understanding what is current or historic, best practice or not and what is legally required. OK, so let’s see how ITAD’s can compliment or in some cases replace some of today’s model with innovative & clever technology.

ADISA is the only body to certify erasure on Solid State Drives (SSD) as part of their accreditations .

All ITAD’s have a existing method for ‘in-situ’ data erasure (wipe-in-device), for laptops, desktops & servers, as well as ad-hoc solutions for loose drives. We’ll explore how adding a complimentary technology, like Genesis, can add value to the process .

How do things operate today? In the traditional ITAD model (as per the fig. 1), if the drive fails the data wipe it would need to be physically destroyed to meet contractual obligations.

ITAD’s may also use an independent health-check software to test and verify the quality of storage devices prior to re-purposing. Any devices that have low heath may also be condemned to the shredder.

The enhanced model demonstrates… (see fig. 2) two huge advantages. Firstly, failed drives are recovered usually at a rate of over 60% allowing them to be repurposed & reused. Secondly, when processing loose drives there is no need for the use of additional third-party health-checking software.

Ultimately, the “Enhanced Recovery Model” provides; better sustainability through reduced waste, higher quality of products (with less RMA’s!) and an increased revenue stream by yielding more product for resale.

BEWARE… “An erased drive is not a fully tested drive”.

Not only does Genesis test, repair and erase a drive, it also runs a complex health-check algorithm to provide you with an accurate Guardian Score (% health). Delivering the highest confidence in product quality.

Don’t just take our word for it… The unique ability to repair, erase & test a drive has been fully verified and certified by ADISA. After a thorough examination and data forensics analysis, ADISA awarded Genesis with their ‘Product Assurance’ certification. More information can be found here on the ADISA website.

Taking it to the next level, you can use Genesis as your ‘one-stop-solution’ for repair & data erasure, providing even stronger financial gains, with reduced labour and licencing fees.

We’re confident of our technology… but, rather than taking our word for it, we’d be happy for you to trial our solution. Contact us and we’ll be happy to discuss your requirements.

Genesis is available in a range configurations to meet everyone’s needs. To find out more please click here.

*Yield figures are based on data from typical usage from devices that are not deemed as physically faulty or damaged.