
Methods to Securely Dispose of Data on Hard Drives and SSDs

Data remanence is the residual representation of data that remains even after attempts have been made to erase the data.  Simply formatting your hard drive (HDD) only prepares it to hold files again; the formatting process doesn't destroy all the old data on the drive.  So if you donate or gift an old HDD that contained confidential personal or business information, that data can quickly be recovered with free tools and a little bit of knowledge.

 

Note:  Some of the techniques and technologies discussed below may only apply to traditional disk-based hard drives, and may not be supported by newer flash-based drives.

 

None of the technologies or techniques discussed below can guarantee 100% protection against someone recovering your data if they really want to (unless the physical data platters are completely destroyed, but I am pretty sure someone will argue how there is no perfect solution).

 

I have learned it can sometimes be impossible to make anything perfectly secure (or in this case unrecoverable).  All you can do is make it extremely difficult, so that it will probably stop 99.9% of people.

 

Data Encryption

 

Before you ever worry about using any data destruction technique, I would suggest using full disk encryption technology to protect your data from falling into the wrong hands.  Two popular solutions are TrueCrypt and Microsoft BitLocker.  Note: the BitLocker feature is only included in certain versions of Windows.

 

If you don't want to have to worry about using some type of software to encrypt all the data on the disks, there are drive manufacturers that sell self-encrypting drives.  For more information, check out the following article.

 

If an encrypted drive is ever lost or stolen, the data should be safe unless someone knows the unlock password or guesses it using brute-force techniques.

 

Warning: If you follow the advice discussed in this article, your data will not be recoverable by most physical means.  Before following any of the provided information, ensure that you really want the data destroyed because in most cases it will be unrecoverable.

 

If you have data on an old hard drive you want to throw away (I mean e-recycle), there are two ways to destroy the old data.  One we will call "logical", meaning that it involves using software or hardware to destroy the data, and the second we will call "physical", meaning that the device is totally destroyed.

 

Logical Data Destruction

 

Logical data destruction involves using a program to write random data across the drive.  Generally this is done with several passes.  When this process is completed all the data should be unrecoverable, and the physical drive can be reused.
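The difference between formatting and a multi-pass overwrite can be seen on a small disk image. The following is an added example, not part of the original article; it assumes a regular file stands in for the drive, and the image layout, marker string and function names are constructed for illustration.

```python
import os
import tempfile

SECTOR = 512
MARKER = b"CONFIDENTIAL-PAYROLL-2011"   # constructed sample data

def make_image(path, sectors=2048):
    """Build a constructed 1 MiB 'disk image' with a marker in a data sector."""
    with open(path, "wb") as f:
        f.write(b"\x00" * SECTOR * sectors)
        f.seek(SECTOR * 1000)
        f.write(MARKER)

def quick_format(path):
    """Imitate a format: rewrite only the first sector (the metadata area)."""
    with open(path, "r+b") as f:
        f.write(b"\xEB\x3C\x90" + b"\x00" * (SECTOR - 3))

def overwrite(path, passes=3, chunk=64 * 1024):
    """Overwrite every byte with random data `passes` times, then with zeros."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for n in range(passes + 1):
            f.seek(0)
            left = size
            while left:
                step = min(chunk, left)
                f.write(b"\x00" * step if n == passes else os.urandom(step))
                left -= step
            f.flush()
            os.fsync(f.fileno())   # push each pass to storage before the next

def marker_present(path):
    """Scan the whole image for the marker, as a recovery tool would."""
    with open(path, "rb") as f:
        return MARKER in f.read()

def demo():
    # Assumption: a file only models the logical address space. Remapped bad
    # sectors and SSD wear leveling can keep copies this overwrite never reaches.
    with tempfile.TemporaryDirectory() as d:
        img = os.path.join(d, "disk.img")
        make_image(img)
        quick_format(img)
        after_format = marker_present(img)
        overwrite(img)
        return after_format, marker_present(img)

if __name__ == "__main__":
    print(demo())
```

The marker survives the simulated format and is gone only after the full overwrite.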

 

Programs like Darik's Boot and Nuke can be used to securely wipe data from a hard drive.  There is supposed to be another method that involves destroying the SATA Keys, but I am still investigating that.

 

Note: Bad sectors are generally not handled properly by most data destruction software.  When utilizing disk wiping technologies, be aware that someone trying to recover data from the drive can go after bad sectors in hopes of recovering some data.  For more information, check out the following article.

There are also remote data wiping technologies such as 'LoJack for Laptops' that can help protect your data from being stolen or misused.  This technology is installed in the BIOS by some computer manufacturers, and allows a laptop or computer to be wiped by sending a command to it the next time it connects to the Internet.

 

Physical Data Destruction

Warning: the methods that are discussed here are for educational reference only.  I do not recommend that you use them, and if they are utilized you do so at your own risk.

Physical data destruction involves physically destroying the hard drive.  It's important to note that if only the hard drive is destroyed but the drive platters are still intact, the data is still recoverable.  So it's important that the platters are physically destroyed to prevent data from being recovered from them.

Common methods are:





  • Degaussing (It's highly recommended that you test the effectiveness of this technology before trusting it)
  • Sledge Hammer (A few good whacks with a big enough hammer will help ensure that the data will not be easily recovered)

 

Extreme

  • Grinding (It's rumored to be used by some governments and other organizations that deal with classified data)

 

Flash Based Drives

 

As flash-based SSDs become more common every year, the data destruction considerations for these devices will become more common as well.  The main issue with these drives is the wear leveling technology, which is used to help extend the life of the flash chips by evenly distributing data across them.  After wiping an SSD, researchers were able to find data remanence.

 

For more information, check out the following Wikipedia entry. 
