Computer Hard Drive |
Printer Hard Drive |
USB And Other Flash Media |
Flash Hard Drive |
Zip, Jaz and Rev disks
|
A hard disk (commonly known as a hard disk drive (HDD) or hard drive (HD)) is a non-volatile device which stores digitally encoded
data on rapidly rotating platters with magnetic surfaces. Hard disks hold more data and are faster than floppy disks. They can store
anywhere from 10 to more than 100 gigabytes of data
Hard disk drives are accessed over one of a number of bus types, including:
- IDE Integrated Drive Electronics /ATA (Advanced technology attachment)
- SATA Serial ATA
- SCSI Small Computer System Interface
- FC Fibre Channel
Hardware manufacturers often limit the use of the hard drive space for several reasons. In some cases the hard drive space is
limited in order to ensure better usability while in other cases the limitations are related to performance qualities.
|
|
Hard drive features that prevent access to the entire physical hard drive surface are:
- HPA Host Protected Area
- DCO Device Configuration Overlay
- Remapped sectors
- Meta data in Redundant Array of Independent Disks (RAID) configurations
NOTE: These areas could contain sensitive data therefore careful measures must be taken to ensure than data is also removed from
these areas. An overwriting tool that is able to access all areas on the hard drive is critical in ensuring a complete erasure.
Existing methods of removing data from computer hard drives
| |
Software overwrite |
Degauss |
Physical Destruction |
| Description |
Involves using a special application to write patterns of meaningless data onto each of the drives sectors.
This process works by overwriting the data with a combination of 1΄s and 0s. The level of security depends on the number
of times the entire hard drive is written over. It is best to use certified software that provides detailed reporting of
the erasure process such as Blancco software. |
Involves using a machine that produces a strong electromagnetic field to destroy the data on the hard drive. |
Can be accomplished using a variety of methods, including disintegration, incineration, pulverization, shredding,
melting, sanding, and chemical treatment. This method does not actually destroy data but makes the drive inoperable
preventing data recovery. It should be carried out at an approved facility by trained and authorized personnel. |
| Advantages |
- Drives can be reused
- Increases the remarketing value of the computer
- Can be deployed over the network to target specific PCs. Erasure reports can be sent to a central database offering centralized management.
- Software tools that provide detailed reporting of the erasure process are able to validate the erasure of every PC erased.
- Convenient way to erase data
- Can be performed in-house eliminating the risk of media being stolen during storage or transit to a third party.
|
- Capable of destroying all the data on the hard drive
- Can be used to destroy data on a variety of magnetic hard drives irrespective of the drive interface
- Fast and simple process
- One time investment
|
- It is an effective way of destroying data if carried out correctly
- Large amounts of media can be destroyed at once
|
| Disadvantages |
- Cannot be used if the media is damaged or is not writeable.
- Overwriting software that are unable to erase data on the locked/hidden sectors perform an incomplete erasure compromising data security.
- Overwriting software that operate through the BIOS/OS perform an incomplete erasure leaving some of the data still intact
- Overwriting software that do not generate detailed reporting of the erasure process are unable to provide a gapless audit trail
|
- Modern hard drives use thicker shielding and require a much stronger electromagnetic field in order to ensure a complete erasure
- No way to guarantee that a particular degaussing machine is strong enough to destroy all the data on every hard drive
- Hard drives have to be physically removed from the PC
- Hard drives cannot be reused
- Other components of the drive are also damaged making it difficult to verify the erasure process
- Degaussing machines are expensive and special care must be taken to protect nearby equipment
- Often involves using the services of a third party. Theft and uncontrolled handling can lead to unauthorized exposure of confidential data
- Degaussing does not provide reporting of the erasure process which is needed to prove regulatory compliance
- Reduces the remarketing value of a PC
- Can only be used on magnetic media
|
- Physical destruction does not provide reporting of the erasure process which is needed to prove regulatory compliance
- Hard drives cannot be reused and is therefore not an environmentally safe approach.
- Reduces the remarketing value of the PC
- Usually has to be outsourced to a third party therefore compromising data security as theft and uncontrolled handling can lead to unauthorized exposure of confidential data
- The time period between the physical destruction of hard drives can create an internal storage and security challenge.
- If not carried out correctly data can still be recovered from small broken, fragments of the hard drive
|
|