The computers and laptops you purchase for home or business use come backed by a manufacturer warranty. This warranty covers all of the parts in the computer, including the hard drive. This means that if the hard drive fails during the warranty period, you can have it repaired or replaced free of charge. However, the manufacturer will almost always ask you to ship your failed drive back to them for investigation. For those of us who work with sensitive personal or financial information at home or in the office, this presents a problem.
Even though your hard drive can’t be read by your computer, the data on the drive is still there. As a business, handing over physical media with confidential customer data on it could actually be illegal—regardless of whether or not the drive is truly broken. Depending on the circumstances, sending in a broken hard drive with sensitive data on it could be no different than sending a box of confidential paper documents. This is because the data could still be accessible with the right tools.
Many failed hard drives have a single point of failure, such as the logic board. Such parts of the hard drive assembly can easily be replaced in order to bring the drive back into full working condition. After that occurs, the data on the hard drive is accessible to anyone.
To reduce service turnaround times, many manufacturers will simply replace faulty computers and hard drives with new ones, rather than making the customer wait while their hardware is evaluated and repaired. The manufacturer will later repair the malfunctioning equipment, then sell it at a discount as “refurbished” or “recertified” hardware. Certain steps are taken to erase existing data before putting a hard drive back on the market, but even a secure wipe isn’t a 100% guarantee that the data is irrecoverable.
If a hard drive cannot be salvaged and resold, then the manufacturer may dispose of it. But again, there is no guarantee that they will use a destruction method as secure as the one you might use when destroying your own sensitive data. This is especially true if you are shipping to a foreign manufacturer based in a country with less stringent privacy and data security laws
There is no real perfect solution for this situation. Logically, one would erase all media before sending a computer or hard drive back to a manufacturer. But if the computer won’t boot and the disk won’t mount, this isn’t an option. Other options of rendering the data inaccessible—such as drilling a hole in your hard drive or degaussing it before sending it back—would obviously void the very warranty you are trying to redeem.
Your best bet is to call the manufacturer or vendor and explain your situation to them. Many companies are far more understanding than you might imagine—and it’s highly unlikely that you will be the first customer facing this conundrum. For long-time business customers, companies may waive the requirement to mail-in the malfunctioning hard drive. Or, they may offer to mail it back after they have evaluated the cause of failure. If you can work out this type of agreement, you can then dispose of the drive by having it securely shredded.
Going forward, you should take measures to protect the data on your disks in the case that they become inaccessible through the normal functionality. The best way to do this is to encrypt your hard drive. Disk encryption protects the data on your disk by encrypting every bit of information that written to the disk. In this case, if your drive does fall into the wrong hands, they won’t be able to access the data without the decryption key or an authenticating hardware, such as a security card or Trusted Platform Module (TPM) chip.
But again, the safest way to secure your digital records is to destroy the physical media, just as you would a paper document. If you are disposing of obsolete equipment or broken PC components, call Southern California Mobile Shredding. We’ll take care of your e-waste securely, conveniently and sustainably.