Data Sanitization
For the general user, the delete or format command appears to be the logical method of removing unwanted data files. These methods, however, are like sweeping something under the carpet: you may not be able to see it, but it’s still there. When you delete files and then empty the Recycle Bin, you don’t actually erase the information, you just delete the reference to it so that the operating system can’t find it. All the data is still there and, unless it’s overwritten, can be easily recovered using a file recovery software.
When sensitive information is stored on the hard drive of a machine that is to be surplussed or transferred to another individual or department, it is therefore imperative that extra measures be taken to wipe clean the hard drive before the computer leaves your area of responsibility. This document describes some common methods and software to assist you with the sanitization process. It also includes links to articles that provide detailed technical descriptions of what occurs during this process.
Data destruction software, however, truly does erase the data. Each data destruction program utilizes one or more data sanitization methods that can permanently overwrite the information on the drive.
If you need to remove all traces of a virus or you’re planning on recycling or disposing of your hard drive or computer, wiping your hard drive using data destruction software is the best way to protect yourself.
Sanitizing Techniques
The NIST Special Publication 800-88, Guidelines for Media Sanitization, provides an overview of sanitization techniques and requirements. According to the publication, the purpose of sanitization is “to render access to target data (the data subject to the sanitization technique) on the media infeasible for a given level of recovery effort”, and describes the three categories of action to be taken to sanitize media as:
Clear applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple non-invasive data recovery techniques; typically applied through the standard Read and Write commands to the storage device, such as by rewriting with a new value or using a menu option to reset the device to the factory state (where rewriting is not supported).
Purge applies physical or logical techniques that render Target Data recovery infeasible using state of the art laboratory techniques.
Destroy renders Target Data recovery infeasible using state of the art laboratory techniques and results in the subsequent inability to use the media for storage of data.
See Section 5 of the document for a more detailed summary of sanitization techniques, and Appendix A for sanitization requirements for specific media/device types.
The three most common techniques for properly sanitizing hard drives are:
Physically destroying the drive, rendering it unusable. This is a good alternative for defective hard drives or those that would be too costly to repair. For added security, the disk should be overwritten or degaussed prior to destruction.
Degaussing the drive to randomize the magnetic domains – most likely rendering the drive unusable in the process. Degaussing, or demagnetizing, applies a reverse magnetizing field to data stored on magnetic media, erasing the contents by returning the magnetic flux to a zero state.
Overwriting the drive’s data so that it cannot be recovered. Overwriting replaces previously stored data on a drive or disk with a predetermined pattern of meaningless information, rendering the data unrecoverable.
Note that when removing sensitive information, don’t forget storage devices such as thumb-drives, back-up external hard drives and CDs. Also, be sure to erase any stored names and numbers from phones and fax machines.
Suggested Software
Program | Cost | Platform | Comments |
Shareware | Windows & Mac | Self-contained boot disk that securely wipes the hard disks of most computers; consumer-grade, appropriate for bulk or emergency data destruction. (Acquired by Blancco in 2012.) | |
Free | Mac OS X | Securely erases data as well as disk’s empty space (latter prevents the recovery of erased files without erasing the entire disk). | |
Shareware | Windows | Permanently wipes sensitive data on partitions and disk volumes. | |
$29.95 | OS independent | Erase computer hard drives, partitions or media devices; US DOD compliant. | |
Shareware | Windows | Completely removes sensitive data from a hard drive by overwriting it several times with carefully selected patterns. | |
Free version, Pro versions start at $39.95 | Windows, Linux | Powerful and compact software allowing you to destroy all data on hard disks, SSD and USB drives completely, excluding any possibility of future recovery of deleted files and folders; a hard drive and partition eraser utility. | |
Free | Linux | Use built-in dd, wipe and shred tools | |
Shareware | Unix & Windows command line program | Secure file removal utility for Unix and Unix-like computer systems; command-line compatible rm overwrites file contents | |
Free trial, $24.95 | Windows, Mac, iOS, Android | Easy interface, configurable overwrite pattern and number of overwrites | |
Shareware | Linux, Unix | Uses Gutmann’s erase patterns, erasing single files and accompanying metadata or entire disks | |
$29.95 | Windows, Intel-based Macs, Linux | Securely erases all hard drive or external storage information; military grade; wipe up to 3 different hard drives | |
Contact vendor for details (licensed per client) | Windows, Intel-based Macs, Linux | Flexible licensing permits wiping desktops, laptops, networked computers, servers, individual drives, or RAID arrays with one product and one block of licenses. Erase hard drives remotely. |
Removal Tips
Windows
Each of the software products listed above comes with specific instructions, some with an easy-to-use wizard interface. KillDisk (recommended by some DCCs).
Macintosh
In addition to the software offered above, Mac computer hard drives can be cleared by zeroing their data. Note that zeroing data (aka “low level” format) may take a long time and depends on the hard disk size. It is recommended to use the “8-way random” feature in conjunction with the “zero all data” option. See the section “Securely erase a disk” in the article Disk Utility 12.x: Erase a Disk, CD or DVD for details.
Solaris / Linux / Unix
Are you looking to break into the exciting field of cybersecurity? Join our 5-day CompTIA Security+ Bootcamp Training and build your cybersecurity knowledge and skills.
Or
Become a certified ethical hacker! Our 5-day CEH Bootcamp is unlike other strictly theoretical training, you will be immersed in interactive sessions with hands-on labs after each topic. You can explore your newly gained knowledge right away in your classroom by pentesting, hacking and securing your own systems. Learn more