Genesis: Refurbishment of TCG-Encrypted Hard Drives

In a world where data security is paramount, encryption technologies like those developed by the Trusted Computing Group (TCG) are crucial for protecting sensitive information stored on Enterprise-level Hard Drives. These technologies encrypt data on the device, safeguarding it from unauthorised access. Despite their benefits, TCG’s approach, favoured by many leading storage vendors, poses significant challenges, especially when it comes to hard drive reuse and data sanitisation. We look at the challenges in the Refurbishment of TCG-Encrypted Hard Drives.

The Dilemma of Encrypted Drives

Typically, standard SEDs manage encryption internally at the firmware level. TCG-encrypted drives, however, are controlled by the host system, such as a storage array. This means that once a TCG-encrypted drive is removed from its host environment, it becomes unusable.  Consequently, these drives cannot be sanitised or repurposed using conventional techniques. Especially if removed from their original environment, which leads to the unnecessary physical destruction of millions of functional drives—an environmentally and financially detrimental scenario.

Adding to the complexity, the interpretation and deviation of the lengthy and involved TCG standard have varied among vendors, with some using the technology to tie devices exclusively to their ecosystems. This practice prevents using drives as generic or refurbished devices, further complicating the drive lifecycle management.

Genesis: Pioneering Hard Drive Refurbishment

Ultratest’s Genesis emerges as a cutting-edge solution to these challenges. It introduces a seamless and automated process for managing TCG encryption, unlocking drives, and restoring their full functionality. This innovation allows drives to be securely erased, tested, and repaired while safeguarding user data. Genesis ensures drives are correctly unlocked for general use after processing. This distinguishes it from other market offerings that might leave drives locked and inoperable.

Advantages of Genesis

Genesis brings remarkable benefits to the table, enhancing both data security and environmental sustainability. It enables drives to be securely wiped and refurbished to a like-new condition, thereby extending their lifespan and reducing electronic waste. Moreover, Genesis promotes a circular economy by allowing the secure, sustainable reuse of data storage assets. This is a win-win for businesses, consumers, and the environment alike.

Conclusion

As concerns over data security and environmental impact intensify, solutions like Genesis from Ultratest represent a significant step forward. By aligning with TCG encryption methods and revolutionising Refurbishment of TCG-Encrypted Hard Drives, Genesis protects data and promotes the reuse and longevity of hard drives. This innovative approach contributes to a more secure digital landscape and supports sustainability in the technology sector.To learn more, talk to the Ultratest team. Contact us here or call on +44 1438 211200.

Advanced Hard Drive Repair from Ultratest Genesis

Ultratest Genesis: Advanced Hard Drive Repair, Testing, and Data Erasure for Device Longevity

Overview

Genesis has the ability to restore the drive to its optimal operational state. This is achieved by implementing advanced technological tools for diagnostics and repairs.

Our team comprises highly skilled professionals. They have a superior understanding of the functional operation and software of a wide range of data storage devices. We have gained this knowledge from years of research and development-based engineering. Therefore, we are confident that our system will meet and exceed your expectations while delivering accurate results.

The repair process

The Genesis repair process begins with identifying the drive manufacturer and its generation (“family”). Post-identification, the system considers specific circumstances, such as known issues and nuances unique to each device, enabling the system to tune the processes during subsequent tests. This ensures the most accurate, efficient and effective repair process possible.

The Genesis platform utilises “dynamic schedules” to control the test and repair process. This feature enables flexible adjustments to the test process on the fly for any specific drive, including different methods for either Hard Drives (HDD) or Solid State Drives (SSD), among many other unique factors. The backend code has intelligent logic, which makes this approach highly efficient.

Reliable results every time

Our testing systems are designed to produce efficient and accurate results in the shortest possible time. We don’t simply clear defect tables to declare a drive usable. Instead, we use a highly developed advanced technique and engineering process specific to each manufacturer to perform actual repairs. These methods are far more sophisticated than simply resetting the drive. This allows us to provide more effective and long-lasting results.

To avoid any confusion regarding the criteria for a “good drive”, we created the Guardian Score, a grading system, to evaluate the quality of drives based on three categories: Grade A, Grade B and Grade C. These grades correspond to “fully functional”, “functioning with minor issues”, and “functioning with major issues”, respectively. Moreover, we have provided an option for our customers to customise the grading according to their specific needs based on either a drive-health percentage or the number of defects within the G-List.

“Only drives where the media is defect-free are considered Grade A“.

States project lead: Mikhail Mavritsin

Data-Driven Results

An assortment of diverse testing conditions and criteria subject the drive’s repair procedure to rigorous evaluation to ensure the stability of the results. Passing all the tests and undergoing repair increases the likelihood of the drive’s longevity. To achieve accurate results, strict requirements for average performance in all operations, known as “timings,” are closely monitored. We constantly evaluate that the test criteria for the repair procedure align as closely as possible with the actual situation in a particular device. The test software can fine-tune the baseline criteria for each type of device, including features of SMR drives and SSDs, allowing optimal performance.

Ensuring the reliability of test results depends on countless factors derived from the vast amount of accumulated data and statistics. Statistics are based on results from over 4 million HDD & SSD devices. Including varying capacities, models, generations and many other unique attributes. Our data has shown that products processed by Genesis have an extremely stable and high yield with a minimum number of returns/warranty claims for our customers, typically well under 1%.  

Our commitment

At Ultratest, we take pride in our unique approach to test system development. We firmly believe that our personal and tailored approach with customers sets us apart.  We have the technical capability and willingness to conduct device failure analysis to investigate the most unusual behaviour for frequent or rare issues. This helps us promptly enhance test algorithms’ quality, assessment criteria, and the list of supported products.

Further product information can be found here, or contact the team to discuss in more depth.

Do I have to Erase a Network Switch?

Do I have to Erase a Network Switch? It’s a good question, why erase a Network Switch, a router, a firewall or even an access point? They’re not data-bearing devices like a Hard Drive or Mobile Phone. Surely a factory reset or a format or deleting the config will do the trick?

A Hackers potential delight!

Unfortunately, not. Networking devices are data-bearing devices, not in the true sense of the word, in terms of user GDPR-type personal data, but they contain extremely precious and sensitive information. The config data can include passwords, IP Addresses, and Domain Names. If you can determine the device’s original location, it’s like leaving your keys hanging outside your front door. It could be a hacker’s delight.

OK, so how do you Erase a device?

So, how do you erase a Networking Device? Sadly, it’s not as simple as it should or could be. The Networking device manufacturers should have focused more on effective & safe data erasure than they have. There is now a ‘Write Erase’ command on some of the newer products, which does as it says on the tin. For everything else… it depends. The first issue is to find where the data is stored. Devices have multiple internal data storage media, including; NVRAM, Flash, and SSD, to name a few.

The challenge continues; identify all the storage within the product, and you must safely remove the data. We are all familiar that to erase data from a Hard Drive or SSD, deleting or formatting doesn’t remove data. It just informs the device that you can use that part of the media for storing new data; eventually, the old data will be over-written. The same theory can be applied to the storage media on a Networking device. As with an HDD or SSD, the only effective method to safely remove data is performing a complete overwrite of the media. Typically, this is done by writing a random data pattern to fill up the media, therefore overwriting any data that was previously there.

Is there a Solution available?

The market has reacted slowly, and even some of the largest Data Erasure Software providers have struggled to provide a reliable solution. The issue is that to perform this overwrite, you need to take control of the device. A compelling blend of hardware & software is the only reliable approach.

Ultratest offers a powerful solution named Nemesis, the only ADISA-certified Network Erasure Solution available. We invite you to learn how Nemesis can benefit you; read on…

ITAD’S, ARE YOU SURE YOU’RE PROCESSING YOUR NETWORK PRODUCTS…

Written By Adam Burrett (Network Engineer, Nemesis Designer)

Introduction

When networking hardware is in use, network engineers are conscious to make sure they can always get back to a working configuration without having to redo the whole thing.  Especially if it is remote.

So they tend to make a backup of the running / start-up config onto flash (I know, I used to).  They may also carry out packet traces on the device, and store these in the flash and not delete it once finished.  If this is a device that carries voice traffic that could include voice calls.  With the right knowledge, you can download that file and listen to the call.

When that device becomes end of life the following need to happen:

1. The startup configuration is erased
2. Any backup configs are erased
3. Any traces are erased
4. Any file, that is not an operating system, is erased

You will notice that I have bolded the word erased.  This is because erased data is not the same thing as deleted data.

If you delete a file from flash, you have not deleted it.  You have removed the pointers to that file, and marked it to be overwritten when more storage is needed. 

Flash tends to only allow you the option to format to totally clear it.  This again, does not delete any of the data.

This data can be recovered using the right tools, in some instances just a compact flash card reader and a Hex editor.

The challenges

Maintaining Value

The main problem when processing networking equipment is that there are so many different types, each with their own unique processing method and varying levels of erasure commands.

The second major problem is maintaining the value of the asset.  One wrong command and you can turn a £2000 switch into a £200 switch, or a piece of scrap.

A large number of ITAD companies currently sell their networking devices in bulk to upstream vendors for a much reduced value, potentially losing thousands of pounds on each batch they sell.

Complete Data Erasure

To date ITAD company’s process networking equipment follows the NIST Clear standard.  This is the only standard that has been available to them.  Using the NIST clear, and manual deletion options has a high risk of missing user data and sending devices out with confidential customer data (i.e. passwords, customer names etc.).

There is a NIST Purge standard for network equipment, but this is vendor and product specific and does not lend itself to the objective of maximising the retained value of the asset as it will clear all software and licenses at the same time.  If the ITAD is not careful, this may not be recoverable to an operational system and will result in loss of revenue for them.  In time, this will then increase the costs of those services to you the disposal customer.

Processing Time

To process a device to NIST Purge can take time to ensure that all user data is cleared, depending on the device.  This also requires a reasonable knowledge of networking hardware to either know the commands, or know how to get the commands. 

Staff resource

The majority of companies that process their own networking equipment rely on a single member of staff, so when that person is absent no networking equipment is processed.

The Solution

The new Nemesis Network Erasure product from Ultratest Solutions marks a revolutionary step forward in the processing of networking equipment collected by ITAD companies.

By utilising the Nemesis you gain the following:

1. Simple to use, reliable and repeatable erasure process

Your Teams do not need to understand every device they are erasing.  The solution detects the type of device, and processes it accordingly.  It is just point and click.

• Allows erasure of products even if the OS has been deleted by the customer before the ITAD collected the devices.
  
• Utilises the VIP (Vendor Independent Purge) standard developed by Ultratest engineers to ensure that all data is fully erased.
  
• Confidence in providing erasure certificates that can be complimented by a full erasure report that can be provided to the customer.
  
• Maximise the value of any asset by bringing the device fully into an operation condition at the end of the erasure process.

To find out more, as to how Nemesis can benefit your operation, please get in contact and we will be happy to arrange a time for a consultative call to discuss your individual needs and challenges.

“Let’s not focus on the ‘r’ word, within a…

When discussing key attributes and intricacies within a Circular Economy the word that is bounded around more than any other is ‘Recycling’.  While recycling is a component of the Circular Economy, it should be by default the last and final by-product, and thus its status should be very much last in the conversation.

The dialogue that should precede the ‘R’ word should include such topics as; ‘Circular Design’, ‘Reuse’, ‘Rental’ and ‘as a Service’ or ‘subscription’.  Thankfully, global manufacturers are starting to consider these key objectives when developing products and services.  Questions such as; how can product design best compliment a circular economy and deliver sustainability with minimal impact on the environment are paramount.

As a smaller manufacturer, at Ultratest Solutions we still asked ourselves that very same question.  Let us look at how this steered our product development and philosophy when designing Genesis.

By the nature of our solution, Genesis is designed to enable the reuse of millions of Hard Drives & SSDs, rather than condemning them to the shredder and subsequently the waste stream.  All-be-that fantastic, we are still talking about the ‘R’ word or at best reuse & product upcycling.

We took the decision to develop our solution based on a ‘Rental’ and ‘Subscription’ model, so why?  Typically, one-off sales of product tend to be linear.  Products are sold and when no longer needed tend to be scrapped or hopefully repurposed.  Therefore, by working on a rental and subscription basis, we as the manufacturer, have understanding of where our products are and when a customer no longer requires the solution we have the ability to recall the hardware so that we can refurbish, update and re-deploy with a new client.  The subscription element is also crucial, as without it the product has no function, even should the product fall into the wrong hands, without our knowledge or consent, they would have to contact us enable functionality and bring any value back to the solution.  Thus enabling us to keep control of it use and lifespan.

Initial design and production methods are taken into account when developing solutions.  Genesis is designed in a modular format.  Where possible, non-proprietary products have been utilised, so that in the event a particular piece of equipment being no longer required, it can be repurposed for general use, outside of our intended application.

Proprietary components of the solution have been designed in a method whereby individual components can be upgraded while retaining the highest number of standard components, such as metal chassis and drive load bays etc.

Since we lease our solutions and the customer is not the owner of the equipment, it is very easy to run client upgrade programs when required, as we have knowledge of the locations and ownership of the product.

This approach is far from being unique, but is generally rare for a small to medium size manufacturer.  However, it is a model that can be adopted by many and would greatly support the achievement a more sustainable existence.

We are happy to talk about our experiences and challenges, so please do feel free to make contact.

‘Can I make my ITAD process more profitable’?

Absolutely you can, let us explain how & why. We fully understand that End-User clients will stipulate which Data Erasure methods and certifications (CPA, Common Criteria, DIPCOG, TUV, NATO, ADISA etc.) to be used. Some may even demand a specific software vendor. It’s a minefield for customers, understanding what is current or historic, best practice or not and what is legally required. OK, so let’s see how ITAD’s can compliment or in some cases replace some of today’s model with innovative & clever technology.

ADISA is the only body to certify erasure on Solid State Drives (SSD) as part of their accreditations .

All ITAD’s have a existing method for ‘in-situ’ data erasure (wipe-in-device), for laptops, desktops & servers, as well as ad-hoc solutions for loose drives. We’ll explore how adding a complimentary technology, like Genesis, can add value to the process .

How do things operate today? In the traditional ITAD model (as per the fig. 1), if the drive fails the data wipe it would need to be physically destroyed to meet contractual obligations.

Ultimately, the “Enhanced Recovery Model” provides; better sustainability through reduced waste, higher quality of products (with less RMA’s!) and an increased revenue stream by yielding more product for resale.

BEWARE… “An erased drive is not a fully tested drive”.

Not only does Genesis test, repair and erase a drive, it also runs a complex health-check algorithm to provide you with an accurate Guardian Score (% health). Delivering the highest confidence in product quality.

Taking it to the next level, you can use Genesis as your ‘one-stop-solution’ for repair & data erasure, providing even stronger financial gains, with reduced labour and licencing fees.

We’re confident of our technology… but, rather than taking our word for it, we’d be happy for you to trial our solution. Contact us and we’ll be happy to discuss your requirements.

Genesis is available in a range configurations to meet everyone’s needs. To find out more please click here.

*Yield figures are based on data from typical usage from devices that are not deemed as physically faulty or damaged.