There may be circumstances where the destruction of a storage device is the best way to keep the data safe. In this video, you’ll learn about physical destruction options, formatting best practices, and the importance of a certificate of destruction.
The data that we keep on our storage devices can be very valuable, and there may be times when we want to be absolutely sure that nobody else can gain access to this data, especially on storage drives that we’re no longer using. And one of the most effective ways to provide this type of assurance is physically destroying the storage device. And there are many different ways to provide this type of storage destruction.
One of these ways is to use a drill, or a hammer, or anything that would destroy the media itself. It’s relatively easy to drill a hole through the platters of a hard drive, and that would effectively prevent us from recovering any data from this hard drive. If you have a lot of drives that you need to destroy, you might want to use some industrial equipment, such as a shredder. You throw the drives into the shredder, and it will grind them up into smaller metal pieces.
For spinning hard drives, you could also use a very powerful magnet known as a degausser. This will remove the magnetic field associated with this drive. It removes all of the data from the drive, and it renders the hard drive itself unusable going forward. Unfortunately, degaussing does not work for SSD drives or flash memory drives. And one way of ensuring that this drive will never be used again is to throw it in an incinerator.
But there may be times when you would like to repurpose this drive. It’s a perfectly working hard drive or a perfectly working SSD, so we should be able to delete all of the data on that drive in a way that we can feel is secure and will prevent anybody gaining access to any of that previous data. One of the ways to do that would be to use a file level overwriting. For example, on the Microsoft Windows sysinternals site, you can download a utility called Sdelete. This will securely delete files and prevent anyone from recovering that data later.
And of course, you can perform a similar function across the entire drive using specialized utilities, such as DBAN. That stands for Darik’s Boot and Nuke. This will delete all of the data across the entire drive and allow you to use that drive again. These utilities work very well for a hard drive, but unfortunately, an SSD can often store information outside the scope of a file system, rendering these types of file-level deletion utilities relatively worthless.
Another way to delete everything on a drive is to format it. When you receive a hard drive from the factory, it has been preformatted with something called a low-level format. This is usually a feature or a function that is not available to the end user, and is usually only done in the factory. When we receive the drive, we’re able to put a file system on that drive, and we can format that drive with the file system.
There are a number of different formatting options available. One is a standard format. You might also see this referred to as a quick format. This will build the index for the file system. It will install a boot sector on the drive, but it’s only clearing out the index to the data, and it’s not actually deleting the data that’s in the other part of the drive. If you do have the right software, you will still be able to recover all of the data after a quick format.
The default format type in Windows is called a standard format or regular format. This will not only clear out your index, but it will go through every sector on the drive and overwrite all of the data that was previously there. This does take a bit of time to go through every single sector that’s on the drive, but once it’s done, you have a completely clean drive and no way to recover that previous data.
Obviously, physical destruction of the drive is one way that you can be assured that none of that data will be available again, but it may seem a bit of a waste to take a perfectly working drive and destroy it. But if you work for a financial services company or you work in health care, you might want to be assured that no one would ever gain access to any of that sensitive data. So although the end of this destruction process makes a device that can’t be used anymore, we can be absolutely sure that that data will always remain safe.
And in some cases, you might be legally required to destroy that drive to ensure that all of that information is secure, and that nobody else can get their hands on that sensitive data. If you have one or two drives a month that need to be destroyed, you might be able to do that yourself with a hammer or with a drill. But if you’re a large organization that has thousands of drives that you need to destroy every month, you might want to hire a third party to provide that service.
Of course, you still need to be assured that all of that data will be properly destroyed, and you need some way to hand this drive off to the third party, but still get reassurances that all of that information is no longer available. These third party providers will commonly provide a certificate of destruction. This is a document that shows that they received a particular drive, they destroyed the drive, and they have evidence to show that all of that data is no longer available. If you’re using a third party to provide this type of destruction service, you might want to also require that they provide a certificate of destruction.
This might be a bigger problem than you may realize. In 2019, there was a study from Blanco and Ontrack that took 159 storage drives that they purchased on eBay and evaluated what type of data was on those drives. 42% of those used drives had some type of sensitive data on the drive itself. 66 of those drives had some type of data. 25 of those drives had personally identifiable information.
And it was many different types of data that they found on these drives, information from a travel company, freight company information, student papers from a University, and video, audio, and other personal media files. This is another reason why it’s so important to consider all of your options when it comes to decommissioning your storage drives.