Working with a Data Recovery Service
How Much
Some companies charge a flat rate of less than US$ 300. Considering more than 60 percent of cases involve mechanical problems – and you might need to spend half that for replacement parts – it is difficult to see how a company can charge so little. It seems pretty clear that the quantity of customers outweighs the sometimes poor quality. I have read in a couple of forums about companies that charged a ridiculously low rate but declared the data "unrecoverable," only to have it recovered easily by a different company. Note also that many companies have a "no recovery, no charge" policy, which may only apply to things like "labor charges," with parts or processing charged extra, even when the data is not recovered.
Ignoring the "super cheap" services, I found that recovery starts at around $400-$600 for basic issues like recovering deleted files. More complex issues that do not require a clean room can start at between $600 and $800. When the problem is so extensive that a clean room is required, prices start at least at $900 and can reach several thousand dollars. In our case, a complete recovery cost $1,500.
Keep in mind that these prices represent the standard service. Most companies offer a priority service, in which your data is returned in one or two days. These can be as much as twice the standard rate.
Making the Choice
Choosing the right company can mean the difference between a successful recovery or no recovery. You can find hundreds of companies all over the world that specialize in data recovery – too many to round up here in one article – so look locally. Looking for services in your own area typically means a faster turnaround because you have to deliver the physical disk to the service vendor. Choosing a nearby lab also increases the probability that the vendor is in the same legal jurisdiction, which could save you some confusion and headaches should a problem arise.
Successful recovery means that the data is recovered in a timely manner, and your data is safe. In our case, the entire process took less than a week. The standard service was advertised as 24-48 hours for the initial evaluation and three to five business days for the recovery. The company also provides a faster priority service and an emergency service, which promises recovery within 24 hours. On-site recovery is another option, if you really need it and can afford it.
A good recovery service will adapt the recovery process to your specific situation, exploring and improvising if necessary to find a solution (Figure 3). When deciding on a data recovery service, the technical expertise and speed of recovery are only two of the most obvious considerations. The security of the recovered data is also a key issue, depending on the kind of data you need to recover. If you are dealing with sensitive data, you obviously do not want to hand over company secrets without ensuring that they will be handled properly. Simple statements on the company's website that the data will be handle "discretely" provides little or no guarantee that the data won't be compromised, even if accidentally.
If your data is sensitive, you might want to ensure you have a written statement on how the data will be handled and by whom – and even an official non-disclosure agreement.
Ask the company if background checks are performed on their employees before giving them access to your data. Does the company meet any government standards for access to restricted areas? For example, is biometric data as well as a password required to enter the clean rooms or other areas where they have access to the data?
When considering the security of your data, you also need to consider the laws in different jurisdictions. Larger data recovery companies have offices in several countries. If you have to send your data outside of your area, laws and standards in your home country or even home state might not apply. Furthermore, different laws apply depending on the type of data you are attempting to restore. For example, the Health Care Insurance Portability and Accountability Act protects patient information, whereas the Gramm-Leach-Bliley Act protects financial information. Without due diligence, you (or your company) might be legally responsible for any disclosure of sensitive information.
Conclusion
A potential data recovery vendor can tell you anything on their website, but whether they actually adhere to the standards to which they claim is a different matter. That's why it is important to know whether the company is regularly audited, and according to what standard. One such standard is the Service Organization Control (SOC) reports, with SOC 2 being relevant to "Security, Availability, Processing Integrity, Confidentiality, or Privacy" of financial information.
Whether or not you choose to have a professional data recovery service come to your rescue, your decision will naturally depend on the value of the data compared with the cost of recovering it. Table 1 provides some of the key questions you need to ask. You'll find more detailed information at the Kroll Ontrack data recovery service website [1].
Table 1
Deciding on a Data Recovery Provider
Identify the Technology and Resources |
---|
How long has the company been in business? |
What class clean room do they provide? |
Do they explicitly state they can recover from your specific operating system and hardware? |
Can they deal with encrypted data? |
How is recovered data returned to you? |
Find a Fit for Your Needs |
Does the company provide different levels of service (e.g., faster time to recover and level of recovery)? |
Is the recovery fast enough for your needs? |
Is your data secure? |
Is recovered data retained in case it is lost when it is returned to you? If so, how long? |
Do they provide a report showing the recoverability of your data before starting the recovery? |
Is a recoverability report part of the evaluation or recovery? |
What will the total cost be? |
Is the evaluation free? What does it include? |
What do they charge if they recover data you don't need? |
Choose the Right Company |
Is the company accessible 24/7/365? |
Do they provide support in your language? |
Are they up-front about their prices? |
Do they provide free, no-obligation consultation? |
Can you track the status of the recovery online? |
Do they also provide post-recovery support? |
Are they authorized to handle sensitive data, including chain of custody requirements? |
Do they do background checks of their employees? |
Infos
- Kroll Ontrack data recovery: http://www.krollontrack.com/data-recovery/myths/
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Canonical Releases Ubuntu 24.04
After a brief pause because of the XZ vulnerability, Ubuntu 24.04 is now available for install.
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.