How do I get my data back?

Steve Cassidy takes a look at what goes on behind the scenes in the world of data recovery...

"Oh yes, I think we had his drive here"

This was not what I was expecting to hear while wandering around the British offices of Kroll Ontrack, the long standing independent experts in data recovery.

Just to tease you further, I decided when that particular anecdote was presented that I wouldn't share with you the unfortunate owner of the disk in question: Ontrack has clearly been living with the lid screwed down nice and tight for many years and were enthused with an almost confessional need to share a few war stories.

Advertisement - Article continues below

I guess the takeaway lesson here is that seeing a room full of proprietary hardware that retrieves damaged sectors of spinning disks by taking their top covers off and running them naked, with a sawed-apart cover plate put back with the shear-marks still sharp and fresh (it has to support the end of the actuator spindle, they said) does not represent the daily lives of the guys actually getting the data back. If you are the unhappy chap who shipped them the disk they were talking about then you would also be paying about 700 for seeing what might be recoverable from it. And, overwhelmingly, that is an emotional process, more than a technical one.

Advertisement
Advertisement - Article continues below

It doesn't matter whether your drive was incinerated, stopped a bullet, rode an earthquake, or suffered the attentions of a nihilistic employee, Kroll will have a go at getting your stuff back. Its workflow is both impressive, and curiously low-tech in places a stack of Coolermaster cases out front all play host to forlorn single drives, mostly on suspiciously custom-looking USB to drive hardware adapters, some with add-on cooling fans. These are considered electrically OK, and therefore ready for a forensic copy to the BIG Ontrack disk pool, back in the server room.

Advertisement - Article continues below

I think the phrase BIG is good enough has a description of the setup, firstly because I lost count of the disks being forensically imaged while I was there, and secondly because I didn't get to see into that room. It did say rather sheepishly that it went through a short phase of recommissioning its Pentium III-based server farm because the multi-core replacements were actually slower in their resolutely simple bit-slinging usage pattern.

If a drive is electrically OK, then, and the forensic image process completes without a hitch, the data recovery process goes all virtual, with the image being worked on and recovered via more proprietary software. If it's not OK, then off with its heads a quick trip to the top lid shear cutter and on to the clean room for further attention.

When I was there, the majority of drives were laptop format, though I couldn't swear to a preponderance of any one brand over another. Once the data has been retrieved, by software or hardware-bashing methods, then it is written back to a nice new hard disk and that gets shipped back to the customer in a bouncy, foam-padded mailing box.

Advertisement - Article continues below

I am skipping over the interesting bit here though. Judging by the stories that Kroll was ready to tell, the divide between actual hardware death involving smoke coming out of your drives, and someone cocking up and then claiming it's a hardware problem is nowhere near as much in favour of dodgy hardware as you might expect. That's not to say it is running a software/human error recovery business with pretentions to status as hardware hackers. Indeed, it's quite the reverse. One corner of the clean room had iPhones in bits (info is encrypted on the chips, they said, though this isn't a showstopper), and Kroll was very confident about the largest ever disk array it had imaged and then recovered (96 drives, incidentally).

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement
Advertisement

Most Popular

Visit/security/ransomware/355891/nasa-it-contractor-ransomware-hack
ransomware

Ransomware collective claims to have hacked NASA IT contractor

3 Jun 2020
Visit/mobile/5g/355911/the-uk-pivots-to-japan-for-5g-equipment
5G

The UK looks to Japan and South Korea for 5G equipment

4 Jun 2020
Visit/data-insights/data-science/355678/how-data-science-is-transforming-business
Sponsored

How data science is transforming business

29 May 2020