Decommissioning systems for disposal or resale requires the secure deletion of data originally stored on the drives; yet, the process of doing this is often based more in superstition than in science. These methods may have had some utility twenty years ago, but are not valid for newer drive formats.

Earlier moving frontward, in that location are a few considerations to be mindful of in this research.

  1. From a information security standpoint, destroying hard drives is preferable to wiping them. This is not always possible, and — depending on your level of precaution — you may want to wipe the drives before handing them off to a 3rd party for destruction.
  2. The data on the drive should be encrypted to begin with, especially on solid-state drives. Data recovery is basically impossible in cases where the bulldoze data is encrypted.

Mind to Gutmann: End performing 35-pass writes

In 1996, Peter Gutmann presented a paper on how to erase information on Modified Frequency Modulation (MFM) and run-length express (RLL) magnetic storage — the latter first used on the IBM 3370, which was released in 1979. Gutmann'due south work has been continually misinterpreted and poorly applied in standard disk wiping programs; the "35-laissez passer" arroyo to disk wiping is non recommended in Gutmann'south original paper — just a subset of the passes are intended for use, depending on the recording method of the drive in use.

The Gutmann method was intended to protect against everything except physical scanning, such as the utilise of a magnetic force microscope — the use of which in forensic data recovery would be an extremely arduous task. In any upshot, this provides no detail benefit for newer bulldoze technologies, such as racket-predictive maximum-likelihood (NPML) or shingled magnetic recording (SMR) for which Gutmann notes that "A good scrubbing with random information will do about every bit well every bit can be expected."

In the epilogues to that original paper, Gutmann provides practical insight and useful tips about data forensics and the secure erasure of modern disk drives:

"With modern loftier-density drives, even if you lot've got 10KB of sensitive information on a bulldoze and can't erase information technology with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 200GB of other erased traces are shut to zero.

For the software-merely selection, to delete individual files under Windows I use Eraser and nether Linux I utilize shred… To erase unabridged drives I use DBAN, which allows y'all to create a bootable CD/DVD running a stripped-downwardly Linux kernel from which you tin can erase pretty much whatever media."

And so, what near solid-state drives?

Aside from using the same Series ATA signaling — which is condign less pop with PCIe drives — solid-land drives have no mechanical resemblance to traditional magnetic hard drives; equally such, the methods used for magnetic hard drives are of no particular apply with this hardware.

In theory, doing a unproblematic overwrite would exist an constructive method of information erasure, merely the drive controller and wink transition layer (FTL) sit between the user writing data and the actual NAND fries, making it difficult to properly determine what the drive is actually doing. Every bit such, overwriting data only wears downwardly the lifespan of the bulldoze. To add to the problem, many newer solid-country drives utilize overprovisioning, making the raw NAND chapters invisible to the user — the controller but maps out blocks that accept excessive article of clothing, extending the life and performance of the drive.

The ATA Secure Erase control does exist, though a white paper from 2011 (PDF) (covered in greater depth on TechRepublic by Michael Kassner) indicates that merely four of the 12 tested drives performed this task correctly, making information technology likewise unreliable to be of use. Hopefully, this upshot has been rectified, every bit solid-country drives accept matured since 2011, though no current research into this specific event is widely bachelor. Every bit a result, information technology's not possible to know that data has been deleted unless the FTL can exist bypassed, allowing the NAND to exist directly manipulated.

In a paper (PDF) on solid-state drive technology, Gutmann offers this insightful advice:

"The best defence against data remanence problems in semiconductor memory is, as with the related problem of data stored on magnetic media, the fact that ever-shrinking device dimensions is making it more and more difficult to recover data from devices. As the 1996 paper suggested for magnetic media, the easiest fashion to brand the chore of recovering data difficult is to apply the newest, highest-density (and by extension most exotic) storage devices bachelor."

What's your determination?

How do you approach secure drive erasure in your organisation? Are yous solid-land bulldoze encrypted? Share your strategies in the comments.

Notation: TechRepublic and ZDNet are CBS Interactive backdrop.