With the constant evolution of technology, many people find themselves upgrading their computers and devices frequently. This leaves the issue of what to do with old hard drives that may contain sensitive information. Simply deleting files or even reformatting a hard drive isn’t enough to keep data secure, so more drastic measures need to be taken to completely erase hard drives before disposal.
Why is secure erasure of hard drives important?
There are a few key reasons why it’s so important to properly erase your hard drives before getting rid of them:
- Data security – Sensitive files such as financial information, passwords, personal photos and documents may remain on the drive even after you delete them or reformat. This data could be retrieved if the drive falls into the wrong hands.
- Identity theft prevention – Personal and financial data left on old hard drives makes you vulnerable to identity theft if someone gets ahold of the drive.
- Reusing or donating drives – If you plan to donate, sell or give your old drive to someone else, you want to make sure no personal data remains on it.
- Environmental responsibility – Securely erasing drives allows them to be safely recycled without risk of data leakage.
How are files normally deleted from a hard drive?
When you delete a file from your computer through your operating system, it doesn’t actually get permanently erased from the hard drive. Instead, the reference to that file gets removed from the file directory, essentially “forgetting” where that file is stored. The actual file contents remain on the drive until they get overwritten by new data.
Even reformatting a drive doesn’t touch the existing data on it – it simply clears the file directory and severs the links to the files. The data itself continues taking up space on the drive until it eventually gets overwritten.
Why can deleted files be recovered?
As long as the original data clusters on a drive have not been overwritten with new data, they can be recovered using file recovery software. This is possible because reformatting a drive or deleting files only removes the “pointers” to the data – the data itself remains intact until replaced with something else.
Some reasons deleted or lost files can still be recovered include:
- The areas of the hard disk containing the deleted data have not been overwritten yet. This is more likely with large drives and newly deleted files.
- The deleted files were stored contiguously and fragmentation has not occurred, making recovery simpler.
- The deleted data is recoverable using forensic tools and techniques to search raw data on the disk.
- Backup copies of the deleted files still exist on other media.
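The behaviour described above can be seen on a toy model. This is an added example, not part of the original article: `ToyDisk`, its 16-byte clusters and the sample file contents are constructed for illustration and do not model any real filesystem.

```python
CLUSTER = 16  # bytes per cluster in this toy layout (constructed, not a real filesystem)

class ToyDisk:
    def __init__(self, clusters=8):
        self.data = bytearray(CLUSTER * clusters)  # raw contents of the "platter"
        self.directory = {}                        # file name -> (start, length)
        self.next_free = 0

    def write_file(self, name, content):
        start = self.next_free
        self.data[start:start + len(content)] = content
        self.directory[name] = (start, len(content))
        # advance to the next cluster boundary
        self.next_free = start + -(-len(content) // CLUSTER) * CLUSTER

    def delete(self, name):
        del self.directory[name]      # only the pointer goes; the data bytes stay

    def quick_format(self):
        self.directory.clear()        # fresh, empty directory; data untouched
        self.next_free = 0

    def raw_scan(self, needle):
        """Search the raw bytes and ignore the directory, as recovery tools do."""
        return self.data.find(needle)

def demo():
    disk = ToyDisk()
    secret = b"acct=12345678;pin=0000"          # constructed sample data
    disk.write_file("notes.txt", b"hello world")
    disk.write_file("bank.txt", secret)

    disk.delete("bank.txt")
    after_delete = disk.raw_scan(secret)        # still found at its old offset

    disk.quick_format()
    after_format = disk.raw_scan(secret)        # reformatting changed nothing on the platter

    disk.write_file("new.txt", b"x" * 40)       # new data finally lands on the old clusters
    after_reuse = disk.raw_scan(secret)         # -1: overwritten, no longer present
    return after_delete, after_format, after_reuse

if __name__ == "__main__":
    print(demo())
```

The secret stays at the same raw offset after both the delete and the format, and disappears only once new data is written over its clusters.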
What methods can be used to securely erase hard drives?
To prevent deleted files from being recovered, more powerful disk erasure techniques need to be used that actively overwrite all data on a drive. Here are some options:
Overwriting the drive
Software tools can be used to overwrite all disk space on the drive with meaningless 1s and 0s. This overwriting process renders any previously deleted files unrecoverable. However, overwrite tools need to use multiple passes (writing over the disk multiple times) for maximum effectiveness.
Degaussing
Degaussing a hard drive exposes the drive to a powerful magnet that disrupts and randomizes the magnetic fields of data stored on the platters. A degausser can effectively render data unrecoverable, but renders the drive unusable.
Physical destruction
For ultimate peace of mind, you can physically destroy old hard drives. Drilling holes through the platters, crushing the drive in a press or shredding it will leave no chance of data recovery. But this also leaves you with a pile of metal and plastic to dispose of.
Encryption
Encrypting your drive when first setting it up can allow quick secure erasure later simply by securely deleting the encryption key. This renders all previously encrypted data instantly unreadable.
Software overwrite and erase tools
There are a variety of software tools available that can perform multiple overwrite passes and securely erase drives. Here are some top options:
| Software | Details |
|---|---|
| DBAN | Darik’s Boot and Nuke is free erasure software that completely deletes data on hard disks. It overwrites disks with random data. |
| Active@ KillDisk | Paid tool that provides multiple algorithms and techniques for drive erasure, including DoD 5220 and Gutmann methods. |
| Hard Disk Wiper | Provides up to 35 overwrite passes to securely scrub hard drives using a variety of standards and erase techniques. |
| Eraser | Open source tool for Windows systems that overwrites data and does secure deletion of individual files as well as entire drives. |
| Disk Wipe | Free tool for wiping all data from disks and partitions by overwriting them multiple times with randomized data. |
Steps to securely erase a hard drive with DBAN
DBAN (Darik’s Boot and Nuke) is a free data destruction utility that can completely erase data from a hard drive. Here is a simple guide to using it properly:
- Download DBAN from dban.org and create a bootable CD/DVD or USB drive.
- Back up any data you need to keep from the drive you want to erase.
- Boot the target computer from the DBAN disk – you may need to adjust BIOS settings to allow booting from the disk.
- Choose the appropriate options in DBAN when prompted:
  - Choose “Autonuke” or “DoD Short” erase method
  - Select the drive to erase
- Let DBAN start overwriting the drive – this may take hours for large drives.
- DBAN will let you know when the process completes and the drive is erased.
- Shut down the computer and reinstall the OS if desired; the drive is then ready for reuse or disposal.
Best practices for physically destroying drives
While overwriting or degaussing are good options, physically destroying hard drives is the most foolproof way to prevent data recovery. However, you need to take the proper precautions when physically destroying a drive.
- Use appropriate safety gear like goggles and gloves when destroying drives.
- Destroy drives in a controlled location away from flammable materials.
- For total assurance, destroy both the circuit board and platters of the drive.
- Use specialized drive destroyer tools like a crusher, shredder or disintegrator if available.
- Don’t breathe in particulate matter from a shredded drive.
- Have a metal recycling plan for the resulting drive remnants.
Regulatory standards for drive erasure
Some industries and government agencies have developed disk erasure standards that should be followed to properly dispose of old hard drives:
DoD 5220.22-M
This is the erase standard set by the U.S. Department of Defense. It requires overwriting all addressable locations on a drive with a random character, its complement, then a random character again.
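The three-pass sequence as described above, with a read-back check after each pass, can be sketched as follows. This is an added example, not code from the original article or from any erasure product: it reads "random character" as one random byte value repeated across the target, and `three_pass_wipe` and its helpers are hypothetical names. The target is assumed to be a disk image file or a block device you are authorised to erase.

```python
import os

CHUNK = 1 << 20  # write and read in 1 MiB pieces

def target_size(path):
    # seek-to-end works for regular files and for block devices alike
    with open(path, "rb") as f:
        return f.seek(0, os.SEEK_END)

def fill(path, size, value):
    """Overwrite every addressable byte with `value` and force it out to the media."""
    block = bytes([value]) * CHUNK
    with open(path, "r+b") as f:
        for offset in range(0, size, CHUNK):
            f.write(block[:min(CHUNK, size - offset)])
        f.flush()
        os.fsync(f.fileno())

def first_mismatch(path, size, value):
    """Read the target back; return the first offset not equal to `value`, else -1."""
    with open(path, "rb") as f:
        for offset in range(0, size, CHUNK):
            want = min(CHUNK, size - offset)
            buf = f.read(want)
            if buf.count(value) != want:
                # length of the leading run of correct bytes locates the fault
                return offset + len(buf) - len(buf.lstrip(bytes([value])))
    return -1

def three_pass_wipe(path):
    """Random byte, its complement, then a fresh random byte; verify each pass."""
    size = target_size(path)
    first = os.urandom(1)[0]
    passes = [first, first ^ 0xFF, os.urandom(1)[0]]
    for number, value in enumerate(passes, 1):
        fill(path, size, value)
        bad = first_mismatch(path, size, value)
        if bad != -1:
            raise OSError(f"pass {number}: verification failed at offset {bad}")
    return size, passes
```

The overwrite reaches only the locations the operating system can address, so sectors the drive has remapped internally are not covered by this check.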
NIST 800-88
The National Institute of Standards and Technology published guidelines for media sanitization. It recommends the DoD 5220.22-M erase technique along with degaussing and destruction methods.
HIPAA
The Health Insurance Portability and Accountability Act regulates protected health information in the US. HIPAA stipulates healthcare groups must use NIST SP 800-66 methods to dispose of data-containing devices.
PCI DSS
The mandates of the Payment Card Industry Data Security Standard apply to merchants handling payment card data. It requires rendering cardholder data on drives unrecoverable when disposing of old storage media.
The importance of a destruction log
When disposing of a large number of drives, it’s a good idea to maintain a destruction log documenting essential details about old drives being erased and disposed of. This log should include:
- Make, model and serial number of each drive destroyed
- The method used to destroy the drive (software erase, degaussing, physical destruction, etc.)
- Date and time of destruction
- Names of staff who performed and witnessed the destruction
A detailed log provides an auditable trail proving your old drives were properly destroyed. This can help demonstrate regulatory compliance and minimize security risks.
Pitfalls to avoid when disposing of hard drives
To avoid potential security issues, here are some things you should never do when getting rid of old computer hard drives:
- Dump drives in the trash without destroying them first – they can easily be recovered.
- Donate or sell drives without completely erasing data on them.
- Skip drive erasure because it seems inconvenient or time consuming.
- Attempt physical destruction without proper tools, gear and location.
- Recycle drives without having their data securely wiped first.
Conclusion
With sensitive data potentially lingering on old hard drives, it’s critical to learn how to properly erase drives before disposing of them. Simply deleting files or reformatting leaves data vulnerable. To fully erase drives, you need to use software tools that overwrite all data, employ degaussing, or turn to physical destruction methods. By properly sanitizing any old drives, you can protect your data from ending up in the wrong hands.