Disk Fragmentation Really Is a Security Threat


Bear with me, there is a reason to my madness. I define disk fragmentation as, "the uncontiguous storage of data that spans multiple disk sectors." There may be some redundancy here, but you get what I mean. Why would data become uncontiguous, you ask? This is inevitable as we add, delete and change information stored on our computers. When we take a new computer and turn it on for the first time, all of the data on the hard disk is contiguous, or at least it should be. Adding information is not a problem. It's when we delete a file or increase its size that we introduce an issue. Every file deletion introduces a gap in the information stored on the disk. When we create a new file and the operating system tries to write the file to the gap that was created, the new file is bigger than the one deleted. It can write most of the file there but not all of it, so it has to fragment it and write the remainder to another area on the disk. The next time we open the file, the operating system cannot load the whole file at once; it must load the file in parts.


Most of us don't even think about fragmenting files. So where is the security threat? You are asking some good questions. I see several threats with this scenario:


  1. More wear and tear on moving parts as the system searches for files and fragments of files will eventually cause a disk to fail. Disks are built to run for a certain amount of hours. Fragmentation will decrease disk life and cause premature disk failures. Disk failures put data at risk.
  2. The performance of virus protection and encryption software could be an issue if virus protection signatures and encrypted files become too fragmented. Files that are too fragmented run the risk of becoming corrupted.
  3. If files are too fragmented, they take longer to back up. In general, when you prolong backups, you are asking for trouble.


I see two possible solutions: Use software to defragment, or use a file system that does not fragment as easily. Let's look at the first option using defragmentation software. Windows comes with defragmentation software. Don't use it. Enough said. It takes too long, and even after you finish a defrag and stop and restart Windows, it always says you need to defrag again. I'm not sure if this is a bug or not, but it is avoidable.


I like the Symantec Norton Utilities and Diskeeper tools. Both tools do an excellent job at defragmentation and are cost-effective. Symantec targets the consumer with its standalone defragger, but the product is solid for business use, as well. For a business suite, I recommend Norton System Works.


Option two is to use a file system that does not fragment as easily. Unfortunately, NTFS and FAT32 are notorious for fragmenting. EXT3, ZFS, Reiserfs, XFS, UFS and JFS are all file systems that do not fragment as easily as a Windows OS. However, you will have technical challenges using any of these with a Windows OS without knowledgeable help.


With either option, you might want to consider disk mirroring or a RAID configuration. In addition, once you defragment, make sure you have a good backup. As I said, disk fragmentation is going to happen but you don't have to let it affect you in a negative way. Stay in front of it.