Let the IT tech at work do it?

A key point about data recovery professionals is that they will go to great lengths to ensure the safety of your data.  That is, they understand not only the inherent risks in any procedure and minimise those risks, but also they have the knowledge to know where those risks are.

These things do matter!

I am always ready to tell someone that they are welcome to attempt the data recovery process themselves but that they must understand that there are pitfalls and they may end up making matters worse.  This applies not only to the average computer user but also to the IT expert at work.  Sometimes, a little knowledge is a dangerous thing.  Let me explain.

I recently had a friend ask me to recover files from his external hard drive.  He had allowed the IT tech at his office look at the drive and the outcome was that the drive was spinning up but that it was ‘dead’.   My friend handed the drive to me as a bare unit since the IT techo had extracted it from the case.

First error.  Never handle a drive without suitable static protection and NEVER touch the circuit board (usually green in colour) nor the connection pins on the edge.  I cant afford to take the 1 in a 1000 chance that static discharge will fry the circuit or the internal magnetic heads.  And neither can you!  If anyone tries to tell you otherwise, go somewhere else.

The data on the drive was indeed recoverable and I managed to clone the 1.5GB drive to a second hard drive.  But on examination of the file contents it was clear that other things were at play.  The contents looked like gobbledygook.  The obvious cause was the drive was hardware encrypted.  My friend confirmed this and gave me the password.

Second error.  Its important to realise that encryption is a complex process designed to secure your data and in most cases the password you enter is therefore mixed with a second password chosen by the encryption mechanism – in this case hardware in the external case.  Consequently the password was useless without the case.  So I told my friend to have the IT tech put it back in the case.  Well, guess what, the case had been broken open and then thrown away.  I figuratively fell off my chair.

Third error.  Because the IT tech did not have the appropriate tools he/she chose to use brute force to open the case.  And then, not understanding methods of encryption, threw away the broken case along with the password.  This thoughtless act meant that neither I nor anyone else could reconstruct those files.  To give you an analogy – you pick up your car from your mechanic and they tell you they didn’t know how to pop the hood, so they used an angle grinder to cut open it, and for good measure they then threw the hood away.

What can we learn from this story?  Data recovery is not a mysterious or arcane process, but it does require skills and knowledge gleaned from many areas of IT technology, as well as a methodical approach.  When you have a data recovery problem, weigh up the pros and cons of the situation.  If the data you need is unimportant and you feel like experimenting then by all means give it a try yourself.  But if the data is important to you, then just send me an email or give me call and we can discuss your requirements.