1. Technical Field
The present disclosure generally relates to providing data security within an information handling system and in particular to enabling a single command functionality that destroys access to specific data stored within an information handling system.
2. Description of the Related Art
As the value and use of information continue to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes, thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
An information handling system can be provisioned as a customer system providing specific computer resources to a single customer. The provisioned customer system can range from a single, stand-alone computer system to a distributed, multi-device computer system. Within the customer system are a number of configurable components that include firmware and/or logic and associated storage devices, such as non-volatile random access memory (NVRAM). The configurable components can be instantiated with customer-specific configuration settings and can include customer data stored within their respective NVRAMs. The configuration settings (data) and customer data are unique to the customer and can include sensitive information that the customer needs to protect. Protection of customer data conventionally includes use of a firewall and restricted logins to the customer system via security credentials (e.g., password-based logins). While these security measures can keep most un-authorized persons from gaining access to this data, these measures do not prevent a skilled hacker who can by-pass these initial security measures and gain access to the customer system from simply accessing the stored customer data and configuration settings data from the various NVRAMs within the system.
Also, these customer systems are occasionally decommissioned and/or re-provisioned. A typical decommissioning of a customer system involves erasing/deleting the customer data that is stored on the physical storage devices associated with the system. This erasure of customer data is typically needed for both security and compliance, and the process normally involves administrative personnel having to perform manual steps to delete the stored customer data and individually reset the potentially large number of configurable components and associated physical storage devices back to factory defaults. Such manual steps can be costly and time consuming and are subject to human errors. Furthermore, some storage media are designed such that although a user or administrator attempts to erase the media, the media may still contain remnants of the customer's data. An example of this type of storage media is flash with wear-leveling technologies. With wear leveling technology, an erasure of a logical device does not necessarily result in erasure of the entire physical device. Thus, even after a seemingly successful erasure of customer data, the physical storage media on which that data has been stored can still maintain portions of the customer data, which data can then be accessed despite the best efforts taken to wipe the storage device clean of all the customer data.