I was in charge of a stand alone, 125 user, authorised to process up to and including secret, network for a number of years. Our cable infrastructure was fiber from server to the desktop with the only exposed piece of fiber being the LAN connection from PC to the box. The hard drives were removeable, were locked up every night and random patrols were done nightly as well. We were not allowed to do a seven pass government wipe to dispose of the drives as our security people deemed it inadequate, we turned them over to our classified waste people who stored them until there were enough to justify having the platters removed and mechanicaly beaten into little lumps of metal. It does come down to a proper Risk Threat Assesment, how valuable is your data and in our case how politicaly and militarily sensitive is it. I personaly was quite happy that we were not responsible for ensuring the cleanliness of the drives when they went for disposal.
