HP OpenVMS Systems

ask the wizard
Content starts here

Disk Data Erasure? (Storage Security)

» close window

The Question is:

This is not technically a VMS issue but you may be able to help us.
We have just decomissioned a VAX 4000_400. We have managed to erase all disks,
 including the System disk, apart from those connected via an HSD controller.
From the >>> prompt we can
set host/dup/dssi/bus:1 1 which brings up an HSD01> prompt. We can get into
 PARAMS but cannot get any of the commmands to work. We cannot find any
 manuals, on-line or otherwise, to help. we can SELECT the drives but when we
 try to FORMAT them we get a DRI
Can you help?
Adrian Fisher
Marston Book Services

The Answer is :

  If you are concerned about data security, evaluate the cost of data
  exposure against the potential profit from selling this storage
  equipment.  Upon consideration, the most effective and economical
  approach here may involve the physical destruction of the disk(s).
  Old SCSI disks are of comparatively very little value.
  Existing Ask The Wizard topics related to data erasure and to data
  security include (841), (3926), (4286), (4598), and (7320).
  Disk bad block handling is discussed in topic (6926).
  As this configuration has a DSSI, specific models of DSSI disks do
  offer an ERASE utility, similar to the PARAMS and DIRECT utilities
  -- the DIRECT utility gets you a list of the utilities present in
  the particular DSSI ISE.   The RF31, RF35, RF36, RF72, RF73, and
  RF74 series disk ISEs offer the ERRASE utility and can thus perform
  disk data erasure, though the RF30 and RF71 do not offer the ERASE
  utility.  The OpenVMS FAQ also has general DSSI and SET HOST/DUP
  information, and some related pointers.
  SCSI disks -- such as those connected to an HSD-series DSSI-to-SCSI
  storage controller (such as the HSD05 or HSD10 or similar), and those
  SCSI disks directly connected to a host SCSI controller -- do not
  offer a disk-integrated nor a controller-integrated disk erasure
  The usual approach here would thus involve booting a distribution
  disk or other similar mechanism, and using the DCL command
  INITIALIZE/ERASE.  (Pattern erasure capabilities are also available
  within OpenVMS, please see the existing discussions cited above.)
  This erasure may or may not meet local data security requirements,
  but it will make reading any data left on the disk media difficult
  and thus very expensive for any potential attackers.

answer written or last revised on ( 9-DEC-2002 )

» close window