Having a strategy for reliably erasing data files is a critical component of managing data securely. Deleting files using operating system tools, or even reformatting a hard drive, will not irretrievably destroy the data. Sophisticated data recovery tools make recovering such deleted data trivially simple. Specialised file ‘shredding’ or ‘secure erase’ tools can reduce the risk of recovery to acceptable levels and may be used for moderately sensitive data.
Please note: the only way to guarantee that data is unrecoverable is to physically destroy the media it is stored on.
Traditional spindle based hard drives are magnetic storage devices and simply deleting a file does not remove it from the drive, it simply removes the pointer to the file. Files need to be overwritten repeatedly to ensure they are practically unrecoverable. There are various software options available that can securely delete files from hard drives. For example, AxCrypt, Eraser and WipeFile are free open source file and folder shredding utilities. Programs such as BCWipe and DeleteOnClick are examples of proprietary based file and folder shredding utilities.
Solid-State hard drives and USB flash drives
Solid-state hard disks (SSD) and USB flash drives (memory sticks) use a different technology to traditional spindle based hard drives. Therefore, the techniques for securely erasing files mentioned above cannot be relied upon. To erase SSD drives use the manufacturer’s delete utilities e.g. SanDisk SSD Toolbox, Intel Solid State Toolbox, Samsung Magician Software for other makes refer to the manufacturer’s website.
Paper and optical discs
Shredders certified to an appropriate security level should be used for destroying paper and CD/DVD discs. The German Institute for Standardisation (DIN) has standardised levels of destruction for paper and discs that have been adopted by the shredding industry. The UK government requires a minimum standard of DIN 4 for its material, which ensures cross-cut particles of at least 2x15mm.