Leave no Trace of DATA
Leave no Trace of DATA
Completely Erase Your Hard Drives, SSDs and Thumb Drives
With stories abounding of identity theft aided by information lifted from discarded storage devices, leading to the disclosure of sensitive information, punitive investigations, spoil of reputation in the business world, and other negative consequences; you want devices you no longer plan to use to have no usable information when they head out the door. Here’s what to take care and how to wipe them clean.
- Why Erasing Files Is Not Enough
- Data Wiping Versus File Erasure
- Zero-Fill a Hard Disk
- Secure Wiping a Hard Disk
Remember, your data is most critical and important to you so don’t delay and hand it over to an expert since an inexperienced or nearby Computer Shop is likely to leave traces of data on your storage media, which can be recovered later using modern techniques of DATA recovery.
Why Erasing Files Is Not Enough...
Sure, you could erase the contents of the drive, but keep this in mind: the act of erasing a file does not remove it from a storage device.
When you erase/delete a file from your computer, it’s not really gone until the areas of the disk it used are overwritten by new information. If you use the normal Windows delete function, the “deleted” file is sent to the Recycle Bin until the space it uses is required by other files. If you use Shift-Delete to bypass the Recycle Bin, the space occupied by the file is marked as available for other files. However, the file could be recovered days or even weeks later with third-party data recovery software. As long as the operating system does not reuse the space occupied by a file with another file, the “deleted” file can be recovered.
With SSDs, the erased file situation is even more complex. SSDs store data in blocks rather than in sectors as with magnetic storage. Overwriting a block was previously used involves copying the contents of the block to cache, wiping the block’s contents, delete the block to be overwritten from cache, writing the new data to cache, and rewriting the block with the new data. So, disk wiping can be both a security feature and a performance improvement strategy.
Data Wiping Versus File Erasure...
While erasing files simply marks file space as available for reuse, data wiping overwrites all data space on a storage device, replacing useful data with garbage data. Depending upon the method used, the overwrite data could be zeros (also known as “zero-fill”) or could be various random patterns.
Products that can be used for wiping hard disks might not be suitable for wiping other types of drives. In this article, we will look at methods for securely wiping hard disks, USB flash memory devices, flash memory cards, and SSDs.
Zero-Fill a Hard Disk...
- Time Needed: several hours (varies with size and speed of drive)
- Software: Hard disk utility software from your drive vendor
- Media: blank CD or floppy disk
Although writing zeroes across the entire hard disk surface (aka “zero-filling”) is not sufficient to meet government data sanitation (disk wiping) standards such as DoD 5220.22-M or the more comprehensive Standards and Technologies (NIST) Special Publication 800-88, overwriting the entire hard disk prevents most types of data recovery from being successful.
Secure Wiping a Hard Disk...
Secure wiping goes beyond zero-fill operations, and provides an extra level of security. Most secure wiping programs are designed to meet DoD 5220 standards, which require three passes of overwriting with a special numeric pattern and verification. (Note that the 2007 revision of the Defense Security Service, Updated DSS Clearing and Sanitization Matrix (June 28, 2007) (PDF) now recommends degaussing or drive destruction for maximum protection.
Need our services?
If you would like to find out more and speak to a member of the The CyberTech team, then please get in touch. We’d be happy to help.