Storage

Don't leave information on old hard drives

Organizations replace computers for all kinds of reasons, and they often donate or sell the old hardware. However, many fail to effectively erase the data on the old hard drives. Jonathan Yarden examines this growing threat to data security, and he offers tips for making sure you safely get rid of old hardware.

It doesn't surprise me that many people fail to understand the basic workings of computer systems, and yet they can still use them effectively every day. But it does disturb me that there are so many people using complex machinery that they know nothing about—or even care to learn.

I've generally found that computer users fall into two general categories: Those who are aware of the components of a computer system, and those who don't want to know the details. Of course, knowing the details of computer systems can mean the difference between a potential issue and a disaster.

We're all painfully aware of how many people fall into the "don't care" category—those are typically the folks that get hacked systems, virus or worm infestations, or botched software installations. But this isn't the only result of such ambivalence. Another potential issue is information left on old hard drives.

I've avoided selling my old hard drives for this reason. But I thought most companies were aware of the risks and already used a data-erasure program such as MediaWiper. If the old data was really sensitive, I assumed companies would take steps to physically destroy the old hard drives.

I thought everyone knew that deleting a file doesn't erase the file data. Of course, we all know that old saying about making assumptions.

After reading a number of articles about the presence of sensitive data on old hard drives, I decided that I would investigate the matter myself. I found an older machine with a working IDE hard drive and installed it into another system as the secondary drive. Then, using the WinHex program, I started browsing around the drive.

I decided to visit data sectors in the middle of the hard drive, and sure enough, I found a lot of information. The hard drive was part of a computer used by a former employee—and I found enough damaging information that would have led to this employee's termination long before he quit on his own.

After looking around for a bit more, I decided I had seen enough. That was all it took to convince me that there really is a serious security issue with old hard drives. How serious depends on what's on the hard drive itself, but I would say that the majority of companies don't sufficiently address this risk.

Organizations replace computers for all kinds of reasons, and the machines often end up in yard sales, auctions, or local computer resellers' shops. Identity theft and misuse of personal information is often an unexpected consequence of failing to effectively erase the data on old hard drives. Although this may sound unlikely, it's even feasible to continue to read the "signature" of old hard drive data after someone has overwritten it.

There are a number of free data-wiping utilities on the Internet. One of the most ingenious programs I've found is Darik's Boot and Nuke (DBAN).

This is a complete, self-contained Linux boot floppy that does exactly what it says: It erases the data on any hard drive connected to the system you boot it on. After returning the hard drive that I had inspected with WinHex to its computer, I booted DBAN, and away it went.

The bottom line: Before you relegate that old system to the storage room, donate your old home computer to charity, or sell it, use a data-erasure program to wipe that hard drive clean. If you really want to destroy the data, you'd be amazed how flat you can pound an IDE hard drive with a sledgehammer. Haven't you always wanted to do that just once? If you have an old hard drive, now is the perfect time.

Miss an issue?

Check out the Internet Security Focus Archive, and catch up on the most recent editions of Jonathan Yarden's column.

Want more advice for locking down your network? Stay on top of the latest security issues and industry trends by automatically signing up for our free Internet Security Focus newsletter, delivered each Monday.

Jonathan Yarden is the senior UNIX system administrator, network security manager, and senior software architect for a regional ISP.

Editor's Picks