
Compliant Method of HDD Mailing - mean_gene_1976
What is a good publication for shipping a hard drive to a client? This has possible consumer information.
======
techjuice
You can use the most secure methods following this guide (way overboard for
unclassified information, but very useful information):
[https://www.cdse.edu/documents/student-
guides/IF107-guide.pd...](https://www.cdse.edu/documents/student-
guides/IF107-guide.pdf)

Or you can insure that the hard drive is encrypted using BitLocker or LUKS and
shipped to the customer's business location. For the hardware token to unlock
the drive ship the key on a password protected USB with a different carrier to
their business mailbox at the post office. Also insuring that the hard drive
is double or triple bubble wrapped with really high quality bubble wrap and
inside of the original or alternative plastic hard drive case.

For the key insure it is in one of those secure bubble wrapped mailing
packages with secure taping (only way to open it is to cut it open so you can
detect tampering).

This way if it is dropped the vibrations never make it to the hard drive, if
it is stollen the key to the drive is not in the box and if someone did tamper
with any of them it would be very noticeable.

~~~
mean_gene_1976
Well dang. That's what I was thinking. You said it so well. I will check out
the link.

~~~
mean_gene_1976
I enjoyed the link, great references to regulation. So, i have a hard drive of
a server that needs to be encrypted. Could I encrypt the entire device? Or
just a partition?

~~~
mean_gene_1976
So, client just wants the hard drive. Doesnt want it encrypted. So...whatever

