While tremendous attention is paid to lost or stolen laptops, there are other ways in which data seeps out of organizations. One that can be prevented with good policies and enforcement occurs when devices are sold or discarded without the data they carry being properly erased.
Deleting data using the function on the PC or laptop is insufficient. The data remains. All that is removed are the markers that point to that data. Skilled -- and even not so skilled -- people who buy, steal or find the machines can recover the data.
Earlier this week, Disk Doctors launched the File Shredder utility. The product's mandate is to thoroughly decimate the drive in question. The company claims that File Shredder removes all file system traces and cleans the free space of the disk. It meets and exceeds a number of shredding standards, the company says. Parallel features include integration into Windows and the ability to shred automatically at specific times. The Stellar Disk Wipe Solution was introduced late last month in Asia. The program uses as many as 35 passes over the disk and stops hardware and software recovery tools. The system handles entire drives -- there is no need to specify individual files -- and previously deleted files, locked file systems and unused disk space are wiped as well.
Finally, Industrial Computing introduced the Guardian Model 37, a PDA designed for military applications. The device includes a "terminate" bottom for instantaneous data wiping. Few details are provided about the feature, however.
Many options existed before the introductions. Linux.com looks at open source approaches to cleansing files. The introduction points out that to completely eliminate data, it is necessary to overwrite every bit on the drive several times -- or melt it (which, presumably, wouldn't be good for the devices' resale value). The story goes into detail about an open source utility called wipe and mentions two others, shred and secure-delete. Links are provided to the three utilities.
This blogger makes several of the same points on the inadequacy of simply deleting files. and goes a bit further by saying that reformatting the drive is a better means of security, but still far from perfect. The writer agrees that the surest approach is overwriting the disk with random ones and zeros. He offers information on two leading programs. Darik's Boot and Nuke -- besides having a great name -- can be booted on a floppy or CD-ROM and uses several approaches to data destruction. The Eraser program removes all magnetic and solid state memory that, according to the post, allows overwriting with carefully selected patterns of replacement data.
After covering the same basic groundwork -- many of the articles on data wiping are remarkably similar -- this piece at Blog the Tech provides some deeper information. It says the government standard is "a medium security level application" specifying overwriting six times in three cycles. The first iteration removes files at the drive surface, the second registers zeros, and the third assigns the government-designated code of 246. The process is time consuming, according to the post.
It may come as news to some executives that hitting the delete key has limited effect. Company efforts to protect vital internal and customer data must find ways to truly erase that data -- or be willing to pay a steep price.