I was recently reviewing Hard Drive configurations and the best processes to ensure the Data has been properly destroyed.  The first thing I did was to list they common types of storage device configuration.

• HDD (Hard Disk Drive): Traditional spinning disk drives
• SSD (Solid State Drive): Faster and more reliable than HDDs
• External Drives: Portable storage solutions that connect via USB or other interfaces.

As I review this list, I started thinking about other data storage configurations.

• Hybrid Hard Drives

o   Solid-State Hybrid Drives:  Combines a traditional HDD with a small amount of SSD storage.

o   Dual-Drive Hybrid Drives:  Uses separate SSD and HDD drives within the same system.

• Integrated Storge on Circuit Boards:  Storage on motherboards refers to storage solutions that are directly connected to the motherboard

o   M.2 Slots

o   U.2 Connectors

o   eMMC

o   PCIE

o   Expansion Slot

This is not an entirely complete list but each of these have different considerations that need to be evaluated to ensure we are compliant with our data security processes.  Some configurations require Software Based Erasure/Overwriting to complete erase or overwriting, some require processes like Degaussing or Shredding/Crushing and some may require more than one process depending on how you have defined your ITAM Processes.

Additionally, how are you or your ITAD vendor processing assets with embedded storage if you have a Hard Drive Destruction policy?  How are you evaluating your/their wiping/overwriting tools to ensure they are properly ensuring your data security and compliance requirements?

It’s always about the data!  Have you reviewed your policies to keep up with the ever-changing storage configurations?