Methods of Securing Data—What Works, What Hurts?
Let’s face it: you have a computer, so you have a data security problem. Every person who owns a computer, tablet or smartphone does. And if you run a business, you have the same problem, and your security picture is much more complex.
As the news often tells us, data hacking is common, and hackers are becoming increasingly sophisticated in their methods. They consistently outpace IT professionals in identifying security weaknesses and successfully hacking systems to retrieve sensitive data in myriad ways. Once these breaches affect customers and reach the headlines, a company sustains reputational damage that affects the bottom line but can never be comprehensively measured in dollar amounts. But as sales numbers go down and stock value drops, the damage is nonetheless real, and frequently very significant.
The experience of the last 15 years, including dozens of now-famous security hacks, shows us that there is no certain method to keep data secure while a computer is in use. But well-planned security practices can prevent many hacks in a company, and diligence is crucial. Consistent internal education, current antivirus software and commonsense methods for preventing many potential data leaks all help narrow the security gap during a computer’s life.
Computers, however, do not last forever, and to keep up with the ever-evolving demands of the business world, they must be replaced and their hard drives disposed of securely. When a computer is retired, there is a range of methods to protect the data on the hard drive. Determining which one is best for your business depends on the effectiveness and accessibility of each option.
Understanding Data Remanence and Methods of Securing Data: Reformatting, Overwriting and Degaussing
Data Remanence
When data is retained on a hard drive after an erasure attempt, this is known as remanence. As a data security consideration, it is of extremely high importance and is a frequent cause of data security breaches.
Reformatting
Reformatting is widely understood as ineffective in data security because rather than wiping a disk’s data clean, it simply clears the file directory and breaks the links between storage sectors. User data is not erased, but stays on the disk until the storage sectors are successfully overwritten. In terms of cost and accessibility, reformatting is free of cost if the operating system disk is available. It should never be relied upon as a data security measure and any data on the drive prior to reformatting should be considered remananent.
Overwriting
Overwriting has been somewhat effective as a data security measure, though some recent advances in disk drive technology may be changing that. Software for overwriting is fairly simple to use and easy to access since it can be purchased, downloaded and implemented from a computer’s keyboard. Software that overwrites hard drives, however, is unreliable in that it is susceptible to error and malware, and needs frequent adjustments for new hardware and evolving computer operating systems. In addition, overwriting software is most effective for a business when it supports a variety of drives. Unfortunately, most commonly available overwriting software packages support only limited kinds of drives, so they tend to offer an incomplete solution. In fact, the use of commonly available overwriting software has been identified as a primary reason that data leaks occur.
Another concern stems from the occasional inaccessibility of certain areas of the hard disk. If this happens (often the result of degradation in a given area), the data in this area cannot be overwritten, and remains on the disk. Degaussing is more effective in these cases.
Degaussing
Degaussing works by exposing the disk’s magnetic coating (the medium for recording data) to a magnetic field, demagnetizing the drive in the process. If done correctly, this method renders the drive blank, and unreadable by any computer or diagnostic laboratory. In many cases, degaussing is a truly complete way to protect data. Once a disk is degaussed, it is unusable and cannot be remarketed.
As for cost, degaussing machines can be expensive to purchase, though rentals are more affordable. A review of prices shows that rentals are cost-effective when a company has many drives to sanitize, around 15 to 20 drives or more.
But there are drawbacks. Hard drives in the past five years have been developed with increased density and thickness to store more data. Not all degaussing machines are equipped to demagnetize these high-linear density drives, so selecting the correct machine is more complicated than in the past. In addition, “hybrid drives” are entering the market on laptop computers. They contain flash memory write cache on hard disk drive circuit boards. Degaussing does not erase data on these memory chips. As hybrid drives become more common, degaussing will become less useful in securing data.
One Simple Solution
This survey of data security measures applied at a computer’s end-of-life shows that these methods are imperfect, incomplete or susceptible to operator error. Is there a 100% secure, accessible way to secure data on a hard drive when a computer is replaced?
Yes. Physical hard drive shredding is an affordable, permanent way to secure data regardless of potential data remanence. For a few dollars per drive, companies such as RenovoData Services in Edina, Minn., machine-shred computer hard drives into small pieces that are impossible to retrieve data from, and impossible to reconstruct. Therefore, a shredded drive is useless to potential data scavengers in any circumstance, and security is permanent.
Data security problem? Solved.
