Five ways to destroy your data
The upward climb of cybercrime is proof that your data is in demand – be it from hackers, phishers or malware.
While internet-related crime poses the biggest risk, your data is also exposed when it is not only offline, but also outside of your computer. The insecure disposal of old hard disks, USB memory sticks and even CDs could be putting your data, your business and your bank account on the line.
The solution is a simple one: destroy your data before you take your old computer to the recycling centre or sell it on eBay. Here are our top five ways to do just that.
1. Overwrite it
They say that a little knowledge is a dangerous thing, and when it comes to deleting data that’s certainly true. Deleting files and folders before disposing of a hard drive does not delete the data, it merely deletes the information telling the OS where those files can be found. Cheap file recovery applications will find the data sitting in those blocks that the OS marks as not in use.
What about formatting? Well a quick format does much the same as a file deletion and is equally futile in terms of data protection. A full or low-level format is better, as it overwrites a series of zeros to the drive which prevents most cheap file recovery tools from being able to read the disk. However, a formatted drive doesn’t prevent professional forensic tools from recovering the data using clever magnetic measurement techniques.
The answer is to overwrite the data at least three times, preferably more to be on the safe side. I prefer to use the Gutmann method, which writes a series of 35 patterns over the hard drive. There is a theoretical argument about how the data could still be recovered, but in the real world it’s as safe an overwrite method as you can get. My preferred vehicle for applying the Gutmann secure algorithm is a free tool aptly called Eraser.
2. Smash it up
If you want to be absolutely sure that nobody can get at your data, then you must physically destroy the hard drive upon which it is written. More accurately, you want to destroy the platters within the hard drive.
Don’t destroy, encrypt!
There is one very simple method to save any worries about whether the data you left on your drive was properly destroyed, and that is to encrypt it in the first place. Implement a secure data strategy from the get go, using strong encryption for everything you write to your drives, and even if someone was able to reconstruct the data after you had disposed of it they still wouldn’t be able to make any sense of the actual data itself.
Companies dealing with certain government agencies and other highly paranoid organisations will employ the use of a drive shredding facility. These not only have machines, a bit like a paper shredder on steroids, which can turn a hard drive into a bucketful of metal shards, they also mix those shards with other shredded drive shards before disposal, thus making it almost impossible to reassemble the original.
These shredding services are hugely expensive and out of reach for the average business or home user. That doesn’t mean you cannot achieve acceptable levels of drive destruction on a DIY basis though. The usual ‘try this at your own peril’ warning applies, and relevant eye protection and gloves should be worn before attempting this.
What you need to do is stop the drive platters from being able to spin in the drive, and you can achieve this in several ways: hammer large nails through it, use a sledgehammer to pummel it into an unrecognisable mess, take an angle-grinder to it and cut that baby in half or (being perhaps most careful of all) dunk the entire thing in a container of dilute hydrochloric acid. You could even employ the Heath Robinson-style services of a device such as the Bustadrive.
Easiest of all though is to simply unscrew the hard drive using a Torx screwdriver and remove the platters which can then be sawn or sanded into submission. Memory cards and USB sticks can also be ground into the data graveyard using the sanding technique: just open up the casing, remove the electronics inside and set to work!
3. Demagnetise it
Simply running a big cartoon-style magnet over a hard drive will do diddly squat to your data. The same goes for USB memory sticks and SSDs, as there’s nothing remotely magnetic about such data storage methods. Only 3.5in floppies are at any risk from strong magnets, but if you’re still using those, you’ve got bigger worries than disposing of your data securely.
Demagentising, or degaussing if you want to be technical about it, does work on hard drives as the data is stored by changing the magnetic alignment of areas of the disc platters, known as magnetic domains. Think of it as being similar to how a compass points in the direction of the Earth’s magnetic field; these magnetic data domains are changed to point in the direction of an applied magnetic field.