Privacy: Securely erasing data

Selling or giving a computer to a friend or family member is a pretty common event. Less common, though still possible, is releasing company technology to an employee. In either case, if you’re including the storage media/hard drive in the deal you might want to make sure that any data that’s been saved on it doesn’t go along with it – and as you likely know, just deleting the files isn’t enough. A couple of options for keeping deleted data safe from retrieval are outlined below.

Windows 8/8.1: Multi-pass formatting
If you can mount the drive to be erased as a second drive on a Windows 8 or 8.1 machine, either in a USB enclosure or internally, the format /p command can be used to conduct a random, multi-pass overwrite of the drive. For example,

format h: /p:7

runs a single-pass overwrite of the h: drive in which 0 is written to every sector, followed by 7 passes in which random numbers are written to each sector. As noted in the TechRepublic article  from which I learned this technique, “using the /P parameter to securely wipe a disk does not meet any of the United States Department of Defense standards for hard disk data removal”, so if you’re disposing of a business hard drive you may need to choose a more robust drive wiping method; if you’re just giving your personal computer to a friend, you can probably use this method for a quick and relatively certain erasure.

Darik’s Boot and Nuke
DBAN is a go-to for just about any IT pro. While the developers avoid making any express promises about data removal, it’s my experience (and I would wager most people’s) that the multi-pass, multi-algorithm system they’ve implemented renders data irretrievable on any hardware. Most of my clients have been satisfied with this level of data removal.

Certified solutions
In some cases – none of which I have ever encountered – secure data removal cannot be considered complete unless a certified method that generates an audit trail is used. If your particular situation requires that level of certainty, there are a number of options out there including the Blancco suite of tools. Blancco acquired DBAN in 2012, and in addition to certified secure erasure also provides a variety of management and auditing tools.

It’s worth noting that certified tools can cost a lot of money and are really intended for business use. For most situations, either of the first two methods mentioned – or a number of other free tools – will be fast and secure enough for you to hand off your used technology.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.