Storage

Five tips for securely destroying data

When the time comes to dispose of data -- securely and permanently -- you need to use the right destruction methods. Scott Lowe looks at some ways to help ensure that nobody will be able to recover that data.

A critically important part of data lifecycle management is destroying data at the end of a medium's useful life. If this step is overlooked, it can lead to disastrous results. But the method by which data on a particular medium is destroyed depends on the medium type. Data destruction mechanisms must be employed for paper records, magnetic media, including tapes and hard drives, and storage media such as flash drives or CDs/DVDs that might have sensitive information.

There are multitudes of ways you can make sure that the chances of anyone ever recovering your data are slim to none. Here are five recommended methods for destroying data on magnetic media.

Note: These tips are based on an entry in our Servers and Storage blog.

1: Shredding

There are services that will literally shred a hard drive. Take a look at this impressive video, which shows a drive being completely destroyed. For someone to come back after the fact and attempt to reconstruct it -- particularly when a single drive's debris is mixed with other debris -- would be almost impossible.

In many cases, you can ship the drives to the destruction company. But to maintain a clear and responsible chain of custody, many services will come to you so that you don't have to worry about what happens during transit. You can also buy your own mega-shredder, but those can be pretty expensive.

From a "fun to watch" factor, this method can't be beat!

2: Degaussing

Hard drives are nothing more than bottles of data held in place by magnetic glue. By removing the magnetic glue, you can create a breakdown of the underlying bits and bytes and scramble them in a way that's tough to recover from. If the degaussing device used is good enough, you'll destroy all of the bits and bytes at the user level as well as the low-level formatting that makes it function as a drive. (If you're serious about data security, you'll use a powerful degausser.)

Although degaussing might be looked at as a way of simply erasing a drive, it's actually a destructive mechanism -- though it's not nearly as fun to watch as a shredder.

Powerful degaussers will also render inoperable a drive's servo motors and will damage the spindle motor of the drive. It truly is a paperweight when you're done.

A really good degausser is expensive, but it doesn't cost as much as a really good shredder, and it might be enough for your needs. Also, it's a fast process. Take a look at this YouTube video of a hard drive degausser in action.

3: Department of Defense level data overwrite

If you've been in IT for any period of time, you probably know that deleting a file really doesn't mean that the file is no longer retrievable -- it simply means that the operating system has removed it from your view. Retrieving files deleted by the operating system is a pretty trivial task.

So how do you make sure that your deletion process really achieves your data protection goals? Use a process that meets Department of Defense guidelines for data overwrite. This process basically involves overwriting each area of the disk multiple times with different types of data (patterns).

There are all kinds of programs intended to securely delete files and even entire hard drives. For example, the SDelete program from Sysinternals allows you to securely delete a single file, while programs such as East-Tec DisposeSecure extend the protection to full hard drives and include critical validation reports showing the success of the process. Check out Active@ KillDisk and Darik's Boot And Nuke (DBAN), which were recently profiled by my fellow TechRepublic blogger Rick Vanover.

4: Smelting

The most committed people may try to find a way to thwart your data destruction efforts, even if you physically destroy the hard drive or wipe its magnetic field.

  • The problem: Even after destruction, the hard drive is still in the same physical state, even if it no longer has a magnetic field or is in thousands of pieces.
  • The solution: Perform a process that changes the hard drive from a solid into a liquid. This is extreme, but it may be necessary for some kinds of data.

These guys provided a nice overview of the backyard process they went through that guarantees (even more than the methods described above) that no one will be reading data from this physical medium every again.

On a serious note, there is a temperature at which magnetic media loses its magnetism and is no longer able to hold data together. Called the Curie point, after this temperature, the bits and bytes are no longer neatly ordered. Since different kinds of metals are used in varying kinds of magnetic media, I've used the definitive resource -- Wikipedia -- to show you the Curie points for each metal:

Substance Curie temp °C
Iron (Fe) 770
Cobalt (Co) 1130
Nickel (Ni) 358
Iron Oxide (Fe2O3) 622

Whether you smelt it or incinerate it in some way, get your media above these temperatures or change its state to liquid, and your data is much likelier to be safe.

5: Encrypting from the beginning

While this method isn't purely destructive in nature, encrypting the contents of your storage as a routine practice can help you protect against prying eyes when it comes time to dispose of the media, particularly if you store the decryption key away from the media. The downside to this method is that it's not 100% foolproof and can be subverted by someone who really wants the data. The upside is that the attacker needs physical access to the computer's operating system.

What works for you?

How do you accomplish the goal of ensuring that your data remains your data as part of your organization's information security plan? Share your data destruction methods in the discussion.

About

Since 1994, Scott Lowe has been providing technology solutions to a variety of organizations. After spending 10 years in multiple CIO roles, Scott is now an independent consultant, blogger, author, owner of The 1610 Group, and a Senior IT Executive w...

14 comments
JakeWrenfield
JakeWrenfield

Great tips! I especially think that it is important to do encrypting from the beginning. This can help to save a lot of time down the road. It can be difficult to completely destroy data, so it is crucial to make sure personal data is always secured if it cannot be destroyed. This is especially true when it comes to 

oil and gas communications security. Internet communication can be very useful for oil and gas companies especially during times of crisis, but having their information remain confidential and secure is critical.

oliverb2012
oliverb2012

Obviously the aim of a pattern-fill is to overwrite any data on the drive, but what if the drive's wear management is able to recognise an attempt to write sectors of all the same value and store it in management blocks without actually writing it over the relevant drive media sectors. My preference would be one or two passes of random data followed by a zero fill. The zero fill is simply so if the drive is redeployed then disk management software isn't confused by random "data".

RockerGeek!
RockerGeek!

We've used the 2 I just mentioned at work... But after seeing that shredder... I WANT ONE!! But we destroy data and surplus our old machines soo.... we can't squish up HDDs in a shredder *sad face

RochSkelton
RochSkelton

What data wiping methodologies are being recommended for SSD? The controllers "get between" the computer commands and the actual media, with spare blocks and relocated/fragmented addresses, such that a format or write command may not physically effect all the necessary blocks. I'm interested in knowing valid wiping programs, since I would prefer NOT busting up even my low-security drives just to make sure they are erased.

EagleEye01
EagleEye01

I use a standard DoD 7 pass method for normal data. Anything of real concern gets either DoD 5220-22.M with an algorithm for 22 passes or for anything really ugly I use the Guttman algorithm for 35 passes. Each method meets DoD standards but personal satisfaction and confidence sets the level for me. DoD 5220-22.M and Guttman take longer to work their magic but in the long run the knowledge that it was done that way can make it worthwhile.

dstreifling
dstreifling

When I really want to be sure no one can resurrect the data, I take the disk drive home and smash it multiple times with a sledge hammer. Effective and at the same time surprisingly satisfying.

paradoxstorm
paradoxstorm

It is important to note that degaussing is not a method approved by the National Association for Information Destruction (NAID). All the others listed are.

Spitfire_Sysop
Spitfire_Sysop

Why is this discussion spread across multiple places on the tech republic? I understand that it is a storage issue with security implications that has "Five things" that needs to be considered by IT Management and ultimately implemented by IT support. Pick a catagory and publish it there or link them all to the same page.

Ron_007
Ron_007

From what I've read over the last few years encryption is a possibility, but on "extreme" destruction like shredding and smelting are a sure thing. It depends very much on the specific details of how the SSD drive was built, hardware and software. One study found MANY copies of deleted files left on a drive. Another found that deleted files were being securely wiped in a very short time after deletion. Here are links to some of the stories I've read over the last 3 years or so: http://gizmodo.com/5489933/leave-no-trace-how-to-completely-erase-your-hard-drives-ssds-and-thumb-drives http://www.smh.com.au/technology/technology-news/hightech-criminals-outsmarting-the-law-20110308-1bltt.html http://www.computerworld.com/s/article/9211519/Can_data_stored_on_an_SSD_be_secured_?taxonomyId=19&pageNumber=1 http://www.theregister.co.uk/2011/03/01/self_destructing_flash_drives/ http://www.techrepublic.com/blog/security/the-security-limitations-of-solid-state-drives/5154 http://www.zdnet.com/blog/storage/ssd-security-the-worst-of-all-worlds/1326?tag=nl.e019 http://www.techradar.com/news/computing-components/storage/solid-state-drives-all-you-need-to-know-641692?artc_pg=1 "Solid State Drives: The Beginning of the End for Current Practice in Digital Forensic Recovery? " Graeme B. Bell Richard Boddington "Reliably Erasing Data From Flash-Based Solid State Drives" Michael Wei???, Laura M. Grupp???, Frederick E. Spada???, Steven Swanson??? Happy reading

fhrivers
fhrivers

SSDs will make physical destruction the preferred method.

RochSkelton
RochSkelton

If you are wiping your disks with multiple data writes, the 7 pass DoD process is sufficient. If your data requires more secure destruction, you should physically destroy the drive - more data write passes will not help. THERE IS NO Guttman algorithm for 35 passes - his paper describes 35 different patterns that may be written to drives of different recording/readback types (many of which are no longer manufactured or in use), but there is never a statement that all patterns should be written to a single drive - and a latter revision of the paper includes a disclaimer that such 35 pass writes are a waste of time and show that the user has no knowledge of magnetic drive physics. Personally, I prefer taking drives into the woods and shooting them full of holes, but that's not always possible with busy schedules. So a drill works just a well...

CyberOptiq
CyberOptiq

What does it matter?? You should really put the effort you spent noticing that into reading what interests you rather than how many times it appears on a website.