this post was submitted on 07 May 2024
666 points (98.3% liked)

Selfhosted

40296 readers
311 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

6 servers were decomissioned, Iwas able to only get the disks, RAM, CPUs and Network Card.

The total of this is : 88 x 8TB SAS disks 44 x 16GB RAM sticks (half 2133, half 2400) 6 x v3 Xeon e3 2630 6 x v4 Xeon e5 2640 3 x 10 GB PCIe dual port cards 12 x 1U heatsink

I'm really lucky to have all of these, even if I don't have a use for all of that for now (except some of the disks)

EDIT: Forgot to mention: All of this for free, I work in a datacenter!

you are viewing a single comment's thread
view the rest of the comments
[–] unwillingsomnambulist@midwest.social 53 points 6 months ago (1 children)

Somewhere, an ISO27001 auditor’s jimmies started rustling.

[–] brbposting@sh.itjust.works 6 points 6 months ago (2 children)

Do you think it’s possible for old decommissioned drives to be donated in a compliant manner?

Reference for others:

ISO/IEC 27001 is an international standard to manage information security. … It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) – the aim of which is to help organizations make the information assets they hold more secure. Organizations that meet the standard's requirements can choose to be certified by an accredited certification body following successful completion of an audit.

[–] stevestevesteve@lemmy.world 13 points 6 months ago (1 children)

It certainly is. ISO 27001 is a framework, not very prescriptive at all. Basically an auditor will ask "how do you ensure data isn't leaving your facility in the form of discarded hardware?" If you say "here's a link to our media destruction policy. It says all drives are wiped according to NIST 800-88 cryptographic erasure. If that is not possible or not applicable, the drive is destroyed. Here's our log of decomissioned equipment" chances are very good they'll say "OK great let's move on to the next one" with only minor followup questions.

[–] brbposting@sh.itjust.works 8 points 6 months ago

👏

I recognize there’s a likelihood you are usually being paid for answers like that. Thank you for satisfying my curiosity for free :)

[–] unwillingsomnambulist@midwest.social 2 points 6 months ago (1 children)

Absolutely, and it’s usually up to the organization disposing of the drives to set and document the standard by which they abide.