PROJECT TYPE

  • IT Asset Tracking
  • Regulatory Compliance

TECHNOLOGIES

  • Spotlight Server 4.1, Windows Svr 2016, ASP.NET Core, TypeScript, Microsoft SQL Server
  • Windows touch screen tablet PCs
  • Bluetooth connected bar code scanners

S3Edge SERVICES PROVIDED

  • Specification, design, implementation and deployment services
  • Annual support

BACKGROUND

Wells Fargo & Company is a diversified financial services company that provides banking, investment and mortgage products and services, as well as consumer and commercial finance.  It has offices in 32 countries and territories to support customers who conduct business in the global economy.

Wells Fargo manages approximately a dozen large data centers that are geographically distributed around the country.  Each data center is a secure facility that houses several thousand servers.  When servers are decommissioned, Wells Fargo’s data center management staff must ensure controlled access to the server’s storage media (disk drives) until they are physically destroyed to ensure any customer data that may be present is not compromised.

Wells Fargo selected S3Edge to develop a tracking system to implement the regulatory compliance processes that track the disk drives from the point they’re removed from a decommissioned server to the point they are physically ground up at the data center.

BUSINESS BENEFITS

    • Regulatory Compliance – Automatically captures the information needed to ensure compliance with the regulatory oversight procedures established for the destruction of data center storage devices
    • Labor savings – Replaces labor intensive and error prone manual data entry with scanning resulting reduced labor and increased accuracy
    • Dual attestation workflows – Applets hosted on the mobile devices implement step-by-step instructions for the required regulatory compliance procedures thereby error proofing the process and reducing the staff training that would otherwise be required.
    • Real time asset visibility and email alerts – Data center staff can view in real time the state and location of each disk drive.  Email alerts are generated for governance staff when exceptions occur.
    • Reconciliation reports and KPIs – Reconciliation reports, metrics and key performance indicators to support continuous process improvement are automatic generated.

SOLUTION ARCHITECTURE

Mobile devices are installed at each data center that connect and exchange information with a central Spotlight server via the corporate intranet using firewall friendly protocols.  A set of Spotlight Mobile applets are installed on the mobile devices and used to track the movement of decommissioned disk drives from the point they’re removed from a chassis to the point they are physically destroyed.

Wells Fargo data center management staff login to the Spotlight web site and access a set of dashboards and forms to operational run and administer the system.

Wells Fargo solution overview
Wells Fargo's mobile scanning device

Each mobile device includes:

    • A touch screen Windows tablet PC
    • A LAN enabled port replicator/charging station
    • A Bluetooth-attached bar code scanner

WiFi is not permitted in the data centers so the Spotlight Mobile applets are designed to operate autonomously from the central Spotlight server.  The mobile devices connect with and exchange information with the Spotlight server only when attached to a docking/charging station over a hard-wired LAN connection.

The Bluetooth barcode scanner is used to scan bar codes attached to name badges, server chassis, disk disposal containers, location tags and the individual disks themselves.  Scanning minimizes the amount of manual data entry and therefore reduces the amount of staff training and labor and improves the accuracy of the information captured.

INVENTORY TRACKING TOUCH POINTS AND APPLETS

The disk tracking touch points include:

    • when disks are first removed from a chassis and placed in a disposal container
    • when disks are moved from one disposal container to another
    • when disposal containers are moved into a storage location
    • when disks are handed off to the service that ultimately grids up the disk drives

One or more mobile devices are installed at each data center and configured with the following set of applets:

    • Mass Decom – used when decommissioning a large number disk drives all at the same time
    • HDDT Check-in – used when checking a disposal container into a storage location
    • Dispose Disks – used when handing disk drives from a disposal container to the service that physically destroys the disk drives
    • Start Disposal – used when decommissioning a small number of disk drives from a single chassis
    • Move Disk – used when disk drives are moved from one disposal container to another
    • Audit – used to confirm the contents of a disposal container by scanning each disk drive in the container to identify any missing or extra disk drives that may exist.

Each applet is made up of a set of forms and logic that walk the data center staff, guards and technicians through the items to be scanned (name tags, chassis, disk drives, disposal containers, or location tags) in the process of implementing the dual attestation regulatory workflows.  The information captured during each of these workflows is stored in a local database on the device and then uploaded to the Spotlight server the next time the device is attached to its LAN enabled docking/charging station.

EXCEPTIONS AND EMAIL ALERTS

If an extra or missing disk drive is detected at any of the touch points, exception log entries are created in the audit trail for the associated disk drive.  An exception email alert is also sent to the governance staff to alert them an exception has been observed that requires their attention.  Governance staff must subsequently log into the Spotlight web site and reviews the tracks of the problem disk drive, add any supporting notes and document attachments, and ultimately “handle” the exception thereby clearing the exception condition.  Spotlight’s role-based security is used to ensure only governance staff members are authorized to handle an exception once it has been created.

DISK DRIVE STATES AND AUDIT TRAIL

The tracking system implements a finite state machine and creates and audit trail for each disk drive as it is processed.  Validation logic ensures the disk drives is in the correct state prior to performing any operation.  A warring is displayed if a disk drive is scanned in incorrect state and error log entry is added to the disk’s audit trail.  This allows the operator to immediately take the appropriate corrective action and also allows subsequent root cause analysis to be performed for the error, thereby improving compliance with standard operating procedures.

The disk drive “states” implemented include:

    • InContainer – a bar code has been attached and is it currently located in a disposal container
    • Pending – a bar code has been attached but its current location is no longer known
    • Disposed – the disk drive has been handed off to the service that grinds up the disk drives

Entries are added to the audit trail associated with each disk drive when ever the disk drive’s bar code is scanned.  Each audit trail entry include a timestamp, location, user and the action being performed.  The state and audit trail for any disk drive can be be viewed and updated by logging into the Spotlight server web site and viewing the Disks and Tracks dashboards.