Data sanitization is important for anyone whose old deleted computer data is more valuable to someone else than themselves. Let’s face it – given that your laptop and phone hold massive amounts of personal information about you, your browsing history, your business and your family, this includes you.
So what is “data sanitization”?
When you delete a file on your computer, it almost never gets deleted at all. Instead, your computer simply forgets that it’s there, and long deleted files and cached data can easily be recovered using commonly available software tools, even years later. Even when you empty the recycler, the file data does not get removed but remains physically on the device. This is why second-hand and recycled computers have always been a target for identity thieves.
Data sanitization is the application of a technique designed to effective destroy file data, not simply remove it from the list of data that the computer knows about. One convenient way to is to “hard wipe”, or overwrite, the data prior to removing it. Many tools to this exist, and one of the best free ones is Hardwipe.
Hardwipe is unique because it integrates cleanly with the Windows File Explorer, making it really straight-forward to wipe files on-demand. This makes it easy to implement a good data sanitization practice. However, this tool also supports a number of other common ways to sanitize data:
Hard-wiping files on demand
This involves overwriting files that you want to, not just delete, but to destroy. Typically, the file will be overwritten several times before being removed. The filename will also be randomized that it even that can’t be recovered. It will then be removed.
This technique has certain caveats. For example, it is unlikely to properly destroy the data on sold state drives (SSDs) at the electronics level. This means that if a hacker has access to the physical device and the ability to forensically analyse the electronics, some or all data may be recoverable. However, it is sufficient to thwart software based “undelete” utilities.
Hardwipe is unique because it not only integrates cleanly with the Windows File Explorer, making it really straight-forward to wipe files on-demand, but allows entire folders and multiple files to be selected natural for wiping. Most other sanitization software will only allow you to wipe one file at a time. Hardwipe makes it easy to implement a good data sanitization practice by routinely sanitizing files on-demand.
Hard-wiping the entire device
A different approach is to overwrite the entire physical device. With traditional hard drives (HDDs), this represents a very reliable approach because it will wipe everything, including formatting information. However, with SSDs a certain amount of “slack space” may not be overwritten. Nevertheless, it has been found* that a full drive overwrite using a two pass sanitization scheme (or more) can be expected to destroy most of the data on the device, but should not be considered to be universally reliable.
While not an issue with HDDs, the flash memory elements in SSDs have a limited life in terms of erase cycles (around 3,000 to 5,000 cycles). For this reason, overwriting an entire SSD, or a large proportion of its storage area, should be a task performed only sparingly.
*Source: Michael Wei, Laura Grupp, Frederick E. Spada, and Steven Swanson of the University of California, Reliably Erasing Data from Flash-Based Solid State Drives.
Cleaning free drive space
In this, all free space on the drive is intentionally filled up with dummy data. This is quite a neat trick because it effectively overwriting any previously deleted data that, although no longer accessible by the file system, still physically resides on the device. It does not delete existing file data, however.
The same consideration applies to SSDs as with device wiping – this is not a task you would want to do very often.
No Comments Found