With stories of data theft hitting the headlines, organizations need to do everything in their power to ensure confidential information doesn’t end up in the wrong hands. However, what a lot of people fail to realize is that many cybersecurity breaches are caused by insecure storage devices that haven’t been properly discarded. Deleting files and formatting old storage drives simply aren’t enough.
Why Erasing Hard Drives Doesn’t Work
Most people assume that emptying the contents of the recycle bin or formatting a hard drive removes data entirely. However, this is simply not the case. Whenever you delete a file or format any data-bearing device, all that happens is that the file system frees up the previously occupied space. Even if you bypass the recycle bin by using the Shift-Delete shortcut, the result is still the same. In other words, they don’t really delete anything.
The original data will remain on the drive until other data overwrites it. Due to the way modern storage devices work, there’s no way of knowing when this will happen, unless you specifically overwrite every sector on the drive with new data. During everyday operation, there’s no guarantee this will ever happen.
Some people instead opt for a secure deletion application, but these aren’t perfect either. This is because files tend to be fragmented such that the data ends up being stored in multiple physical locations on the disk. Sure, you can run the disk defragmenter before attempting to securely delete a file, but that’s not especially secure either, and it’s not suitable for solid-state drives.
Formatting a drive works in a similar way. Once the formatting process is complete, the drive still appears empty even though the only thing that actually changes is the file system, which marks the entire capacity of the storage device as available. It can take months or even years of everyday use for all the old data to be overwritten.
What About Overwriting the Drive?
A common solution is to simply fill the entire writable storage space on the drive with zeros, thereby overwriting the original data. However, even that’s not sufficient for meeting data sanitation standards like those required by compliance regulations. Secure hard drive erasure, as per the US DoD 5220.22 standard, for example, requires three passes in total.
The first pass involves overwriting the drive with zeros before verifying the write process. The second involves doing the same but with ones, while the final pass uses random combinations of ones and zeros before carrying out a final verification. There are many third-party applications that can securely wipe your old storage devices in this manner, but it can take many hours to wipe a single hard drive. However, this is hardly practical if you’re recycling or discarding drives from an entire data center.
How Data Encryption Can Help
A much more efficient way to secure your data is to enable encryption for the entire drive. The Pro, Enterprise and Education editions of Windows 10 feature built-in support for full drive encryption in the form of BitLocker. Other systems, such as Linux, also feature optional encryption, while Chrome OS-powered devices have encryption enabled by default.
With your entire hard drive encrypted, it will be impossible for anyone to gain access to its contents, whether it has been deleted or not. By encrypting the drive, you’ll also be able to continue using it or safely dispose of it without having to carry out lengthy secure erasure operations.
Encrypting a drive as per the AES-256 standard is extremely effective for securing your confidential data, and it meets all compliance regulations. Even with some of the world’s fastest supercomputers using a brute-force attack, it would still take up to 3×1051 years to crack the key!
Of course, another sure-fire option for securing deprecated hard drives is to physically destroy them, which tends to be the most practical method if you will never need them again.
Here at Dyrand, we understand modern businesses’ need for secure and effective technology. That’s why we provide worry-free IT services so you can stay focused on your business. If you’re ready to start doing more with technology, give us a call today.