Erik Eckel covers the options for those who need to securely erase files from a Mac that contain sensitive or confidential information. Here are the built-in options as well as some third-party solutions.
Security is an ever-increasing concern. Businesses using Macs aren't immune from malware attacks, stolen systems or other orchestrated attacks designed to provide unauthorized access to sensitive information. It's more important than ever to ensure proprietary data, medical and/or financial information and other confidential files are securely removed from a system, external disk or portable drive when no longer needed, discarded, or decommissioned.
Most Mac users are familiar with the file removal process. Files are selectively moved to the Trash and summarily deleted by clicking Finder and selecting Empty Trash.
Files removed in this fashion frequently prove recoverable, however. An ill-intentioned user can often run common data rescue or recovery utilities, such as Prosoft Engineering's Data Rescue, Alsoft's DiskWarrior, or Micromat's TechTool Pro, and recover those deleted files.
Secure file removal
Mac business users removing sensitive, confidential, proprietary or otherwise protected information requiring secure deletion can leverage Mac's native secure removal feature. Instead of clicking Finder and selecting Empty Trash, Mac users can instead choose Secure Empty Trash.
What's the difference?
The Secure Empty Trash command prompts Mac OS X to perform a seven-pass erasure of the file. Instead of just removing a directory entry to the file or files in question, Mac OS X's Secure Empty Trash command initiates a series of seven different passes in which random information is written to the hard disk sectors previously occupied by that file. In fact, Apple states that this secure erasure meets United States Department of Defense security standards.
Before performing the secure removal, Mac OS X prompts users to confirm the secure removal operation by clicking the Secure Empty Trash button. Users are warned that the Secure Empty Trash operation permanently erases Trash items that cannot be recovered unless they've been backed up using Time Machine or another backup program.
After clicking the Secure Empty Trash button, the secure removal begins. The process takes much longer than typical empty trash operations, due to Mac OS X's need to rewrite file data on the hard disk multiple times.
Securely erasing free space
Mac users having already deleted files and needing to ensure those deleted files are unrecoverable can take the extra step of securely erasing free disk space. To securely erase free disk space formerly hosting sensitive information, Mac users should open Applications, select Utilities and double-click Disk Utility. Next the users should select the volume from which they wish to securely erase data, then click the Erase tab.
A dialog box will appear. The user will receive three options: zero-out, 7-pass erase, and 35-pass erase. Users must select the desired option and click the Erase Free Space button. Note, for higher security and to lower the likelihood that sensitive information is recovered, users should select the 7-pass or 35-pass deletion option.
Particularly paranoid Mac users will find several third-party secure removal utilities available, too. Edenwaith's Permanent Eraser, Mireth Technology Corporation's ShredIt X and MacKeeper Shredder are but three examples of software applications designed to securely remove sensitive files and information from a Mac.