Total Destruction and a bit about cyanide

I try to read the blog of Dave Hitz, one of the founders of Network Appliance, and while I don’t link all the time, I found one of his entries pretty on topic.

Like my title above, Dave stole the most provocative words from his post to stir interest. His post is titled “Beware of Cyanide Gas”.

This is another fine example of how security is such an arms race. I recall talking to clients just a couple of years ago, and the standard was that server disks should be wiped and then destroyed. That is still the standard, but the definition of destroyed keeps moving on us. Dave points out the ridiculously small slivers of intact disk platter needed to read data, and the reaction of one of our more security-conscious customers was, “I guess we will have to add an acid bath after we sledge them…”.

A big part of this battle is just staying informed on what can be done and then figuring out whether you care or not. If you have passwords and huge databases with Social Security Numbers or Credit Card numbers, then letting someone read even one sliver of the platter may be a disaster (though small by today’s standards as massive security blunders go).

Always think about the level of response based on the threat. If a serial killer escapes in your neighborhood, then you are justified in doubling the locks on the doors and getting a bigger dog, but if they escaped 3,000 miles away from you with no history or indication that they would come looking for you, then you are overreacting. If you apply these same standards to your electronic response, then you will probably come out alright.

Lastly, as always, watch out for the cyanide gas!