Introduction
Data erasure (also called data clearing or data wiping) is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media. Unlike other file deletion commands in different Operating Systems like rm in Linux or del in case of windows, which only remove direct pointers to the data disk sectors; Secure Data Wiping means the data in the memory should be unrecoverable by any software, it completely erases all traces of information from the memory disk while it continues to be operable. However, new flash memory–based media implementations, such as solid-state drives or USB flash drives can cause data erasure techniques to fail allowing remnant data to be recoverable.
Why Secure Data Wiping is important?
Secure data wiping is very important in this digital world which now dominates almost all the fields in some way or the other. This has also put pressure on securing confidential data from hackers or people who can use them in an unethical way. The rises of e-waste and C2C e-commerce sites like eBay have increased the need to protect private and confidential data. Information technology (IT) assets commonly hold large volumes of confidential data. Social security numbers, credit card numbers, bank details, medical history and classified information are often stored on computer hard drives or servers. Therefore using secure wiping we can ensure that our data becomes unrecoverable.
Sample Case Study: Suppose someone sells his/her external 500 GB HDD on eBay to another person. Before selling he made sure that he deleted all his data from the disk. The buyer gets the hard disk and uses data recovery tool like Recuva to recover the deleted files, and now he has hold to the seller’s confidential data. The buyer may harass the original sellers or blackmail him/her, or worse post their private photos or data to online communities leading to Privacy hacking. To get rid of this scenario we could use a disk wiping tool to erase all our data and then sell it or give it to someone for use.
Why deleted files can be recovered?
When you a delete a file, it isn’t really erased – it continues existing on your hard drive, even after you empty it from the Recycle Bin. This allows you (and other people) to recover files you’ve deleted. If you’re not careful, this will also allow other people to recover your confidential files, even if you think you’ve deleted them. This is a particularly important concern when you’re disposing of a computer or hard drive. So what happens when you delete a file?
Windows (and other operating systems) keep track of where files are on a hard drive through “pointers.” Each file and folder on your hard disk has a pointer that tells Windows where the file’s data begins and ends.
When you delete a file, Windows removes the pointer and marks the sectors containing the file’s data as available. From the file system’s point of view, the file is no longer present on your hard drive and the sectors containing its data are considered free space. However, until Windows actually writes new data over the sectors containing the contents of the file, the file is still recoverable. A file recovery program can scan a hard drive for these deleted files and restore them. If the file has been partially overwritten, the file recovery program can only recover part of the data. But these don’t work on SSD drives, because they work differently.
Why Operating System doesn’t erase deleted files immediately?
Why Secure Data Wiping is important?
Secure data wiping is very important in this digital world which now dominates almost all the fields in some way or the other. This has also put pressure on securing confidential data from hackers or people who can use them in an unethical way. The rises of e-waste and C2C e-commerce sites like eBay have increased the need to protect private and confidential data. Information technology (IT) assets commonly hold large volumes of confidential data. Social security numbers, credit card numbers, bank details, medical history and classified information are often stored on computer hard drives or servers. Therefore using secure wiping we can ensure that our data becomes unrecoverable.
Sample Case Study: Suppose someone sells his/her external 500 GB HDD on eBay to another person. Before selling he made sure that he deleted all his data from the disk. The buyer gets the hard disk and uses data recovery tool like Recuva to recover the deleted files, and now he has hold to the seller’s confidential data. The buyer may harass the original sellers or blackmail him/her, or worse post their private photos or data to online communities leading to Privacy hacking. To get rid of this scenario we could use a disk wiping tool to erase all our data and then sell it or give it to someone for use.
Why deleted files can be recovered?
When you a delete a file, it isn’t really erased – it continues existing on your hard drive, even after you empty it from the Recycle Bin. This allows you (and other people) to recover files you’ve deleted. If you’re not careful, this will also allow other people to recover your confidential files, even if you think you’ve deleted them. This is a particularly important concern when you’re disposing of a computer or hard drive. So what happens when you delete a file?
Windows (and other operating systems) keep track of where files are on a hard drive through “pointers.” Each file and folder on your hard disk has a pointer that tells Windows where the file’s data begins and ends.
When you delete a file, Windows removes the pointer and marks the sectors containing the file’s data as available. From the file system’s point of view, the file is no longer present on your hard drive and the sectors containing its data are considered free space. However, until Windows actually writes new data over the sectors containing the contents of the file, the file is still recoverable. A file recovery program can scan a hard drive for these deleted files and restore them. If the file has been partially overwritten, the file recovery program can only recover part of the data. But these don’t work on SSD drives, because they work differently.
Why Operating System doesn’t erase deleted files immediately?
If you’re wondering why your computer doesn’t just erase files when you delete them, it’s actually pretty simple. Deleting a file’s pointer and marking its space as available is an extremely fast operation. In contrast, actually erasing a file by overwriting its data takes significantly longer. For example, if you’re deleting a 10 GB file, that would be near-instantaneous. To actually erase the file’s contents, it may take several minutes – just as long as if you were writing 10 GB of data to your hard drive.
To increase performance and save time, Windows and other operating systems don’t erase a file’s contents when it’s deleted. If you want to erase a file’s contents when it’s deleted, you can use a “file-shredding” tool.
How to securely erase data from disks?
Several tools and disk wiping utilities can be used to securely remove the data from hard disks. Secure file deletion tools do what operating systems don’t normally do. When you “securely delete” a file, the tool will delete the file normally and take note of where its data is stored, overwriting those sectors with junk data. This should prevent the data from being recoverable. Some well-known tools are:-
1. Eraser
2. Derek’s Boot and Nuke (DBAN)
3. CCleaner
4. Recuva
Eraser
Using Eraser we can erase disks, files and other data that may reside in memory. Download and Install Eraser from here. Create a new Task and select the type of wiping to wish to perform like file, Recycle Bin or folder etc. and then Choose the secure standard like Gutmann (35 passes) and click OK.
2. Derek’s Boot and Nuke (DBAN)
3. CCleaner
4. Recuva
Eraser
Using Eraser we can erase disks, files and other data that may reside in memory. Download and Install Eraser from here. Create a new Task and select the type of wiping to wish to perform like file, Recycle Bin or folder etc. and then Choose the secure standard like Gutmann (35 passes) and click OK.
You can start the wiping queue automatically or manually.
Conclusion
Secure Wiping tools do work on magnetic hard drives, erasing the current file’s data from the disk completely so it can’t be recovered from that place. However, there are other places that bits of the file may be lurking like Other Copies of file, Temporary Files, Search Indexes, Shadow Copies, Prefetch, Image Thumbnails etc. Therefore a user must be aware of all the places to look for their before wiping.
References
https://en.wikipedia.org/wiki/Data_erasure
http://www.howtogeek.com/72130/learn-how-to-securely-delete-files-in-windows/
http://www.howtogeek.com/125521/htg-explains-why-deleted-files-can-be-recovered-and-how-you-can-prevent-it/
Secure Wiping tools do work on magnetic hard drives, erasing the current file’s data from the disk completely so it can’t be recovered from that place. However, there are other places that bits of the file may be lurking like Other Copies of file, Temporary Files, Search Indexes, Shadow Copies, Prefetch, Image Thumbnails etc. Therefore a user must be aware of all the places to look for their before wiping.
References
https://en.wikipedia.org/wiki/Data_erasure
http://www.howtogeek.com/72130/learn-how-to-securely-delete-files-in-windows/
http://www.howtogeek.com/125521/htg-explains-why-deleted-files-can-be-recovered-and-how-you-can-prevent-it/
0 comments:
Post a Comment