2.9 - Data Destruction

Importance of Data Security

  • Data stored on devices is highly valuable and can present significant risks if accessed by unauthorized users.

  • Need for assurance that no one can access sensitive data on storage drives that are no longer in use.

Methods of Physical Destruction

  • Physical Destruction: Most effective method to ensure data security.

    • Drilling or Hammering:

    • Easy method to destroy hard drives by drilling holes through the platters.

    • Physical damage makes data recovery impossible.

    • Industrial Shredders:

    • Suitable for destroying large quantities of drives.

    • Shreds drives into small metal pieces, rendering them unusable.

    • Degaussers:

    • Powerful magnets that remove the magnetic field of spinning hard drives.

    • Effectively deletes all data, but useless for SSDs and flash memory drives.

    • Incineration:

    • Complete destruction of the drive by burning.

    • Eliminates any possibility of data recovery but destroys the device.

Deleting Data Securely

  • Repurposing Drives: If drives are still functional, need secure data deletion instead of destruction.

    • File-Level Overwriting:

    • Use utilities like Sdelete from Microsoft Sysinternals to securely delete files.

    • DBAN (Darik's Boot and Nuke):

    • Deletes all data across the drive, allowing for reuse.

    • Effective for hard drives but not always suitable for SSDs due to how they store data.

    • Formatting:

    • Initial formatting in factories is known as low-level format, only available during production.

    • Post-purchase formatting options include:

      • Standard Format (Quick Format):

      • Only clears the index; data may still be recoverable.

      • Full Format (Regular Format):

      • Clears the index and overwrites all data sector-by-sector.

      • Time-consuming but ensures thorough data removal; no recovery possible afterward.

Legal and Ethical Considerations

  • Data Sensitivity: Fields like financial services and healthcare require strict data confidentiality.

  • Legal Obligations: In some scenarios, you may be legally required to destroy data to prevent unauthorized access.

Third-Party Destruction Services

  • Outsourcing Destruction: For organizations with large volumes of drives, consider hiring professionals for destruction services.

    • Certificate of Destruction:

    • Important document confirming the destruction of the drive and data.

    • Provides assurance regarding the proper handling of sensitive information.

Case Study: Data on Used Drives

  • Blanco and Ontrack Study (2019):

    • Purchased 159 used storage drives on eBay.

    • Findings:

    • 42% contained sensitive data.

    • 66 drives contained various types of data.

    • 25 drives included personally identifiable information (PII).

    • Types of data discovered included information from travel companies, freight data, academic papers, personal media files.

  • Conclusion: Importance of thoroughly considering options for decommissioning storage drives to protect sensitive information.