With the ever-increasing capacity and dropping prices of hard drives, it’s common to have old drives lying around that are no longer in use. However, simply deleting files or reformatting a drive does not permanently erase the data stored on it. If you want to make sure your old hard drives are completely wiped before disposal or reuse, securely erasing them is essential.
Why is secure erasure important?
When you delete a file or reformat a drive, the file system marks the space used by that data as available for new data. The actual data itself remains on the drive and can be recovered using data recovery software. This means your personal or sensitive data could still be accessed by someone else if you pass on, sell, recycle or dispose of the drive carelessly.
Some examples of data you would want to make irrecoverable include:
- Financial records
- Tax returns
- Emails
- Messages and photos
- Business documents
- Legal contracts
- passwords and encryption keys
Securely erasing your old hard drives protects your privacy and security by ensuring this kind of data cannot fall into the wrong hands.
Erasing vs securely erasing a hard drive
Erasing or formatting a hard drive simply marks all the drive space as blank and available to be overwritten. The original data is still recoverable until it gets overwritten by new data.
Secure erasing overwrites all the sectors on a hard drive with random data, effectively scrambling and deleting existing data beyond recovery. Some advanced methods repetitively overwrite the drive to meet higher security standards.
Software tools for secure erase
Specialized drive erasing software is the easiest way to securely wipe a hard drive. Here are some top options:
DBAN (Darik’s Boot and Nuke)
DBAN is a free erasing utility that runs from a bootable CD or USB drive. It completely erases hard drive data by repetitively overwriting sectors with random data. You’ll need to connect the drive you want to erase and boot up from the DBAN media to run it.
Active@ KillDisk
Active@ KillDisk is a secure data removal tool available for Windows, Linux and bootable media. It overwrites data with standards compliant erasure algorithms. A freeware version is available with limited capabilities.
Eraser
Eraser is a free open source tool for Windows that allows scheduling of drive erasure tasks. It supports a range of advanced wiping methods and verfication of erasure results.
Mac Disk Utility
Macs have a built-in Disk Utility that can be used to securely erase data. Just select the drive, click Erase, choose a name and security option like the 1-pass overwrite.
Windows Format Tool
The Format dialog in Windows has a Quick Format checkbox that should be unchecked to perform a full format overwriting all sectors. This is less secure than other tools but works in a pinch.
Tool | Platform | Cost |
---|---|---|
DBAN | Windows/Linux/Bootable | Free |
Active@ KillDisk | Windows/Linux/Bootable | Paid |
Eraser | Windows | Free |
Mac Disk Utility | Mac | Built-in |
Windows Format Tool | Windows | Built-in |
Steps to securely erase a hard drive
Here is a general process to securely erase a hard drive:
- Download and install a drive erasing utility if needed.
- Connect only the drive to be erased to your computer.
- Backup any important data you may need from the drive before erasing.
- Launch the erasing utility.
- Select the correct hard drive to erase.
- Choose a secure erase method – more overwrites means more security.
- Start the erasure. This may take several hours depending on drive size.
- Verify the erasure completed successfully if the utility has a verification feature.
Specific steps vary between tools but follow this same general process. Consult your software documentation for detailed instructions.
Erasing SSDs vs HDDs
Solid state drives (SSDs) and traditional hard disk drives (HDDs) require slightly different processes for secure erasure. SSDs in particular require special steps due to their use of wear leveling algorithms.
Securely erasing HDDs
Destroying HDD data relies on overwriting all sectors with random data patterns. Multiple overwrite passes provide higher security:
- 1-pass overwrite – Good for recycling or disposing of low sensitivity drives
- 3-pass overwrite – The standard for proper erasure of confidential data
- 7-pass overwrite – Recommended for highly sensitive data per DoD 5220.22 standards
Securely erasing SSDs
SSDs require the following steps for proper secure erasure:
- Overwrite all data sectors at least once with random data
- Perform a TRIM command to erase any deleted blocks
- Destroy the encryption key if the drive uses hardware encryption
Many tools provide SSD-optimized erasure algorithms that perform these steps. Be sure to verify your tool can handle SSDs before erasing.
Erasing methods to avoid
Some common methods of erasing hard drives are too weak to stop advanced data recovery. Avoid these inferior options:
Formatting
A standard format of a drive does not touch existing data. It simply resets file tables. Data recovery software can easily restore formatted data.
Deleting partitions
Deleting the partitions on a drive does not erase any information. It simply removes the partition table metadata. Recovery utilities can rebuild partitions to regain deleted files.
Reinitializing/rebuilding
Reinitializing or rebuilding a hard drive does not actually change data on the disk. It simply clears the drive metadata and file system structures. File recovery is still possible.
Degaussing
Degaussing uses strong magnetic fields to disrupt magnetically stored data. It does not work well on modern drives with non-magnetic storage methods like flash memory in SSDs.
Prevent recovered data after disposal
To ensure erased drives stay erased after you dispose of them, it’s best to take further steps to physically damage them. Some options to prevent data recovery include:
- Drilling holes through the platters on HDDs
- Crushing or shredding the drive chassis
- Disassembling the drive and removing platters
You can also hire professional data destruction services to safely dispose of storage media using methods like physical destruction or degaussing chambers.
How to securely erase external hard drives
External drives connected over USB, Firewire, eSATA or Thunderbolt are erased in the same way as internal drives:
- Connect the external drive to wipe to your computer.
- Use your selected wiping software to perform a secure erase.
- Verify the erasure was successful.
Things to ensure when wiping external drives:
- Plug the drive directly into your computer, not through a USB hub.
- Disconnect all other external drives to prevent accidentally erasing the wrong one.
- Perform at least a 3-pass overwrite for best results.
How to securely erase files and folders
Erasing individual files or folders is trickier because the operating system does not directly expose lower level disk sectors. Here are some options to securely delete data at the file level:
Use wipe utilities
File shredding tools overwrite files multiple times to prevent recovery. Eraser on Windows or srm on Linux work well.
Encrypt before deleting
Encrypting files before deletion adds an extra layer of protection against recovery. Without the encryption key, recovered data will be unreadable ciphertext.
Delete file slack space
Data remnants often exist in slack space around files. Some tools like Eraser allow deleting slack space to wipe these remnants.
How to securely erase free disk space
To wipe all remaining free space on a drive after deleting sensitive files, you can use disk fill tools:
- Windows – Cipher /w flag fills space with random data
- Linux – shred utility overwrites free space
- Mac – diskutil secureErase freespace levels writes over empty space
Be aware this can take a long time depending on the amount of space and is less thorough than wiping an entire drive.
How to check your drive was erased properly
To verify a drive was properly erased, use one of these techniques:
- Check the erasing software log for any errors.
- Scan the drive with data recovery software to see if anything can be restored.
- Use disk imaging tools to examine the raw disk surface for remaining data.
The more overwrites performed, the less likely data remains. Repeated overwrite passes provide high confidence in proper erasure. Verify erasure took place to be certain.
Best practices when disposing of drives
To securely offload old hard drives, keep these best practices in mind:
- Perform at least a 3-pass overwrite erasure on HDDs before disposing.
- Use SSD erasure techniques like TRIM before disposing of SSDs.
- Physically damage drives to ensure erasure if highly sensitive data was stored.
- Remove drives from old PCs and devices instead of selling or gifting them whole.
- Maintain a record of erased drive models and serial numbers.
- Use professional data destruction services if desired for safe disposal.
Alternatives to secure erasure
If you can’t securely erase a drive for some reason, here are some options to keep data safe:
Physically destroy drives
Drilling, crushing or shredding drives prevents anyone from ever recovering the data. Many recyclers offer physical destruction services.
Degauss in strong magnetic field
Degaussing chambers with strong magnetic force can scramble data on some types of drives.
Disconnect and lock up drives
Removing drives and storing them securely prevents physical access required for data recovery.
Don’t forget about backups!
When disposing of old primary storage drives, remember to also safely dispose of any backup drives or tapes containing the same data. Backup media needs to be sanitized using appropriate methods like degaussing or physical destruction. Simply erasing backup tapes is not sufficient.
Conclusion
Securely erasing data from old hard drives before disposing, reusing or recycling them is critical to prevent sensitive information from leaking. Use specialized drive erasing tools like DBAN and verify they overwrite every sector before throwing out an old drive.
Remember to tailor your wiping approach based on drive type – SSDs have particular erasure requirements. Also be sure to destroy drives physically if they contained highly sensitive data. With the proper erasing methods, you can ensure deleted drive data stays deleted for good.