Storage

Don't let old data come back to haunt you

Before you donate that old PC or return it to the leasing company, consider what's on its hard drive. Find out how and why TechRepublic members clean their hard drives before letting them go.


In today's IT world, upgrading equipment is a continual process that presents several challenges. One question that often arises when discussing this subject is, “What should we do with old equipment?” In January 2002, we asked our members what they do with old equipment. The results are shown in Figure A.

Figure A


Deciding how to handle old equipment is especially important in the corporate world, where data security is paramount. No one likes the thought of someone snooping around on his or her hard drive. Businesses go to great lengths to protect the integrity of their systems from external hacking, so it only makes sense that when disposing of or recycling old equipment, the same safeguards should be taken. With computer forensic recovery, even data thought to have been “erased” can rise from the dead. IT pros must be aware of such vulnerabilities and take the necessary precautions to prevent confidential information from getting into the wrong hands, especially the competition’s.

TechRepublic member john.williamsonis encountering such a problem with old equipment his organization has slated for recycling. He writes, “We need to erase/remove/destroy the data on all PC hard drives prior to disposal. The data is not necessarily private or confidential, but at the same time, it should not be available to the public. What would be the most effective way to accomplish the task?”

The academic approach
Anna777 suggests using software to solve this problem. She writes, “You can purchase software for this purpose at www.east-tec.com.” She also points out that shareware/freeware is an option. You can download a demo version of East-Tec's FormatSecure software from Download.com, which offers dozens of file and disk management utilities.

ASyscoKid believes a boot disk with the format.exe command added will solve this problem. He writes, “Create an AUTOEXEC.BAT on the boot disk with the command format C: /u (also /s if you want the drive to be clean but bootable).” A reboot of these old machines using the newly created boot disks should do the trick.

But is this sufficient? TheChas warns, “Even the /u format will not prevent recovery if someone wants to put a lot of effort into the task.” He advises, “Use fdisk to remove the partition(s). Reboot and use fdisk again to repartition.” This will provide the greatest security if the new partition(s) is a different size than the original. According to this member, there will then be no way to recover the old files.

The physical approach
There's always more than one way to skin a cat in the IT world. Maybe you want a more visually reassuring solution.

Dikey01 encountered such a problem at his company and offers the following solution. “Get a powerful magnet and set it on each hard drive for about 20 seconds. This will scramble the data beyond recovery.”

For the more paranoid computer user, another option exists. Member jereg suggests doing what the FBI does. He writes, “I suppose it depends on how much trouble you want to go to…the way they [the FBI] disable their hard drives is to punch a hole through the case and the disk.” If a sturdy enough hole puncher isn’t available, try a hammer. Jereg jokes, “Beat on the hard drive a couple of times… it’s faster than a reformat, good exercise, and relieves some built-up tension.” Check out Kyu Rhee's article "Consider security before returning a failed hard drive" for more tales of total hard drive destruction.

Happy bashing
Have you recently disposed of some old computer equipment? What creative methods did you employ to ensure data security? Post a comment to this article and let us know.


Editor's Picks