To maintain its various accreditations and security clearances, DriveSavers employees work under rigorous security policies and submit to annual risk-assessment analysis, penetration tests, and a third-party security audit. A selection of these annual security reports are posted on the company's website; you can check them out yourself. Every employee also goes through an annual background check, presumably to assuage client concerns that DriveSavers engineers--who regularly handle our most private data--aren't committing identity fraud on the side. "There's no better day job for an identity thief than at a data recovery service," says DriveSavers Chief Information Security Officer Michael Hall. "That's why we have to run regular background checks on everyone in the building."
Making dead drives talk
Whether it's a burnt hard drive or a busted smartphone recovered from a crime scene, every device that gets sent to DriveSavers goes through the same revivification process. The first stop is a designated "triage area," where every device is subjected to a preliminary examination by data engineers.
The lion's share of storage devices then get sent to the clean room to be disassembled in a dust-free environment. Well, nearly dust-free: The DriveSavers clean room is certified ISO 5, meaning that every cubic foot of filtered air inside the room is guaranteed to contain fewer than 100 particles larger than 0.5 micrometers. For comparison's sake, a cubic foot of air in your average city contains more than a million particles of that size.
Once a drive is disassembled, engineers do whatever it takes to copy the data to a working computer. Sometimes that's as simple as replacing the spindle motor in an old Western Digital hard drive to get the platter spinning again. Other times, a certified engineer has to play Dr. Frankenstein and whip out a tiny soldering iron to reattach or rebuild 15 almost-microscopic leads, so a smashed flash drive can be hooked up to a DriveSavers recovery PC. All the data on the busted drive is copied over to a spare from the DriveSavers facility, after which the engineers (gingerly) set aside the original to focus on the copy.
Next, the data is duplicated from the copy onto the DriveSavers network, which sports multiple redundant backups and is safeguarded by a Secure Cisco Self-Defending Network environment that's verified by an annual third-party security audit. It's a level of security that poses a real challenge for any hacker trying to trawl through the DriveSavers servers, though most data is wiped from the network on a regular basis.
Once the raw data is safely ensconced in the DriveSavers network, the engineers get to work reassembling it into a machine-readable format. Since the engineers are often tasked with restoring data that's been deleted--accidentally or otherwise--there's a certain amount of careful detective work involved as fragments of data scattered across the drive are reassembled into working files. If the data is encrypted, DriveSavers engineers can reassemble it without breaking encryption by rebuilding the original storage volume block by block.
Sign up for CIO Asia eNewsletters.