On Thu, 31 Mar 2005 10:23:40 PST, John Blood said: > I'm thinking about what the possibilities for a secure > data deletion business would have in the United > States. Be prepared to travel. A *LOT*. The people who would pay for such a service are most likely not going to fedex the disks to you for deletion. So all the work will likely be on-site. Another problem you'll encounter is that the people who are willing to contract for such a service likely already *have* something in place - I'm currently looking at having to physically destroy some 100 or so old 4G and 9G drives off a RAID array that had sensitive data on it. But you'd have a hard time selling me your service, because we already have a chipper/shredder that's able to chew them up sufficiently. You're only going to be able to sell to the sites that are *just* realizing that they have a problem, and/or subcontract to those *very* large sites that are willing to outsource the problem to a bonded disposal company (yes, you'll need to be heavily bonded for this, for obvious reasons...) Whether you go for software cleaning or physical destruction, the biggest problem you'll face is figuring out the value-added that makes your service worthwhile when they can buy the same software themselves, or just pop down to the local hardware store and pick up a sledgehammer for a few dollars.... On the other hand, someplace you *can* make money is on the consulting side, tracking the data flow through the organization and identifying *all* the information leakage points (not just physical media, but Googlehacking and the like as well), and presenting them in a report with suggested resolutions...
Attachment:
pgpnZjuKvq9Ky.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/