Disposal of Computer Equipment Containing Sensitive Information
When you dispose of an old computer, or throw away
used or defective storage media such as a hard
disk or a floppy disk, are you sure that nothing
sensitive was left on that computer or storage
media? Are you sure that disposal or re-use of
such storage media will not cause data privacy
problems? Some people may think that the "delete"
or "format" command of Windows or other
operating systems is sufficient to erase the data,
but in reality it is not.
This section provides information on data deletion,
and the proper way of disposing of computers or storage
media in order to prevent unwanted disclosure
of information.
Delete and Format Commands
When a file is stored on electronic storage media, a
directory entry for that file is usually created
together with the file. Deleting the file
with the "delete" command does
not actually destroy the data. It only deletes
the pointer between the directory entry and the
file so that space allocated to the deleted file
is free for storage of other files. The data contained
in the file remains on the media until it is overwritten.
By using commonly available utilities, it is possible
to retrieve the deleted data from the storage
media.
The "format" command may also fail to properly
erase the data previously written to storage
media. This command creates an empty root directory
and a new blank indexing scheme for all allocation
units on the storage media, making it available
for storage of new files. There are also commercially
available utilities to recover data lost from
storage media through accidental execution of
the "format" command.
Overwriting
Overwriting data with an appropriate number of passes
using suitable patterns can render the overwritten
information very difficult to recover. Software
tools and services are commercially available
to perform secure deletion by means
of overwriting.
This secure deletion software should be properly
configured and used. The data can be regarded as
completely erased from the storage media only if
no error is reported during the erasure process.
Besides, if the media contains damaged or unusable
tracks and sectors which may inhibit the overwriting
process, the media should be physically destroyed,
such as by means of incineration or pulverisation.
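The rule above, that erasure counts as complete only when no error is reported, is shown in the following added example (not part of the original page or of any product it refers to). The three-pass pattern scheme, the function names and the constructed disk image standing in for real media are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

# Assumed pass scheme (the page names none): zeros, ones, then random data.
PATTERNS = (b"\x00", b"\xff", None)  # None = fresh random bytes
BLOCK = 64 * 1024


def overwrite_and_verify(path, patterns=PATTERNS, block=BLOCK):
    """Overwrite all of `path` once per pattern and read every pass back.
    Any I/O error (OSError) or mismatch (RuntimeError) propagates, so a
    partial erase is never reported as complete. Returns verified passes.
    """
    with open(path, "r+b", buffering=0) as f:
        size = f.seek(0, os.SEEK_END)  # also works for block devices
        sizes = [min(block, size - off) for off in range(0, size, block)]
        for number, pattern in enumerate(patterns, 1):
            wrote, read = hashlib.sha256(), hashlib.sha256()
            f.seek(0)
            for n in sizes:
                data = os.urandom(n) if pattern is None else pattern * n
                if f.write(data) != n:
                    raise RuntimeError(f"pass {number}: short write")
                wrote.update(data)
            os.fsync(f.fileno())  # push the pass to the device
            f.seek(0)  # read-back may still be served from the OS cache
            for n in sizes:
                read.update(f.read(n))
            if read.digest() != wrote.digest():
                raise RuntimeError(f"pass {number}: read-back mismatch")
    return len(patterns)


def demo():
    """Erase a constructed image holding a marker, then search for it."""
    marker = b"CONSTRUCTED-SENSITIVE-RECORD"
    with tempfile.TemporaryDirectory() as d:
        image = os.path.join(d, "disk.img")
        with open(image, "wb") as f:
            f.write(marker * 100 + b"\x00" * 200_000)
        passes = overwrite_and_verify(image)
        with open(image, "rb") as f:
            leftover = f.read()
    return passes, marker in leftover, len(leftover)


if __name__ == "__main__":
    print(demo())
```

An exception from this function corresponds to the case described above in which the overwriting process is inhibited and the media should instead be physically destroyed.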
Degaussing
Degaussing is a method to magnetically erase
data from magnetic media by exposing it to a strong
magnetic field. Degaussing usually takes much
less time than overwriting. Degaussing is useful
in situations where the hard disk is defective
and cannot be sanitised by the method of overwriting.
There are commercially available degaussers for
hard disks and magnetic media. During the degaussing
process, the degaussers have to be operated at
their full magnetic field strength. The product
manufacturer's directions must be followed carefully
since deviations from an approved method could
leave significant portions of data remaining on
the magnetic media. Sufficient check-and-balance
mechanisms should be in place for the degaussing
process. Sample checks of the degaussed media should
also be performed by another party to ensure that
the degaussing is done properly. Besides, the
degausser should also be tested periodically according
to the manufacturer's directions to ensure that it
functions properly.
Physical Destruction
For storage media that cannot be sanitised by
means of overwriting or degaussing, physical destruction
such as by means of incineration (burning at high
temperature) or pulverisation (grinding to dust)
would be required. For highly sensitive information,
apart from sanitisation, it is also recommended
that the media be physically destroyed before
disposal.