Data Destruction and Disposal – CompTIA A+ 220-1002 – 2.9

Disposing of a storage drive is important for keeping confidential data safe and secure. In this video, you’ll learn how to properly dispose of storage drives, how to securely format data, and methods for securely deleting individual files.

<< Previous Video: Securing Mobile Devices Next: Securing a SOHO Network >>

If you’re getting rid of a hard drive, you want to be sure that all of the information on that drive is not recoverable by someone else. In this video, we’ll look at ways of securely deleting data or completely destroying these hard drives.

Most of us don’t have access to an industrial shredder, but if you’re sending these drives to a third party to be destroyed, it’s very common that they’ll simply throw it into the shredder and destroy every component inside of that hard drive. If it’s something that you’re doing yourself, you can easily use a drill or a hammer to drill all the way through the platters making the hard drive [? inaccessible ?] by anyone else.

There are also devices that you can put the drive into that are electromagnets. You can turn on and off the magnet. That will effectively destroy not only the magnetic field that’s on the platters, but also all of the components that are part of the drive itself. And if you want to be sure that no part of the drive is ever usable again, you could, of course, use fire to make sure that nothing can be recovered.

If you’re an organization that has a lot of hard drives, you may not have the time to perform this destruction yourself, so you may contract with a third party to provide this service for you. If you do use a third party, then you want to be sure that all of your data has really been destroyed. So very often you will request a certificate of destruction that verifies that all of these drives have been completely destroyed by the third party. This not only allows you to get a verification that the drives have been destroyed, but you can always perform audits later to make sure you know that those drives are no longer accessible.

Instead of destroying the drive, you may want to use the drive again, but you want to be sure that all of the data on that drive is no longer accessible. In those cases, you may want to perform a format. But you want to be sure that you’re using the right kind of format to make sure that all of the data was really deleted. The format that is initially done by the hard drive manufacturer is the low level format. This is something done at the factory and it’s not a process you as the end user would ever perform.

The formatting available to the end user is a standard format, and there are two different kinds of standard formats available on Windows. The first is a quick format, which is able to quickly format and initialize the drive. All it really is doing, though, is setting up the file system, installing a boot sector, and then deleting the index of files that happens to exist on that drive. It doesn’t actually delete the data. It simply deletes the pointer to the data. And if you have the right software, you’re able to recover that data later.

The other type of format you can perform in Windows is a regular format. This will not only create the file system and install the boot sector, but it will go sector by sector on that drive, overriding every bit of data with zeros. This is the process that a regular format follows ever since Windows Vista has released. So all modern versions of Windows will always perform this overriding function if you perform a regular format. Since it’s overriding this data with zeros, there’s no possible way you could ever go back over that drive and recover any of that data.

For many organizations drive destruction becomes important so that situations like this don’t occur. This was a study that was performed in 2019 from Blanco and Ontrack, where they purchased 159 drives from eBay. 66 of those drives had some type of data on them, which means they were not deleted before they were sold, and 25 of those drives had personally identifiable information on them. Some of them have personal files and pictures and videos. Others had video from a hospital monitoring system, and many of the drives had information that should have never been sold over eBay.

If you don’t want to perform a regular format of a drive, you could at least use third-party utilities such as Sdelete, which can securely delete files and folders from a drive. You could also use a third-party utility to delete everything on the drive. A good example is DBAN, which is Darik’s Boot and Nuke. And of course, you can always individually destroy drives yourself or send large groups of drives off to a third party to make sure all of those drives are destroyed.