Protect Your Deleted Data
Having been given a bunch of PCs from a dentist, to be passed on to needy second owners, the first thing that came to mind was data security. Each PC had a copy of the dentist’s client database, and that had to be removed. More to the point, it had to be permanently removed.
One way of doing this is to strip out the hard drives and destroy them. New hard drives can be put in, and Windows reinstalled. However, that is a little wasteful, costly and takes a not-insignificant block of time.
Instead, I looked for some way to shred the files on the hard drives, and I discovered an excellent Open Source tool for doing this – Eraser.
Now, it is worth describing what the actual problem is here, because it is not obvious. When a file is deleted on Windows, it gets moved to the recycle bin. That means it does not actually get deleted, but instead just gets moved out of the way. At any time you can restore those deleted files.
The recycle bin can be cleaned out or emptied and that will delete the files completely. However, it does not erase the data in the files – the data is still there, and anybody with the technical know-how can recover that data from those files. How can that be?
Files stored on a hard disk consist of two parts: the data and a name in a folder. The name points to the data like an index card in [an older] library points to where a book can be found. Just as you would be able to rip up the index card without the book disappearing from the library, you can remove the name of a file without its data disappearing. All that happens when you delete a file is that the name is removed from its folder, but the data is still there.
The hard disk area where the data is stored is marked by Windows as “free”, so it will eventually get over-written, but there is no guarantee for how quickly this will happen.
So what can be done? This is where Eraser comes in. What Eraser will do is shred the file contents by overwriting it with rubbish – random characters. The idea is that once this is done, there will be no evidence left of the file contents. You can tell Eraser to erase files and folders that currently exist, or you can tell it to go through all the hard disk that is marked as empty, and shred every byte of that disk.
That is what I am doing with the dentist’s machines, and I am now happy that client’s personal details will not get out in the wrong hands.
This subject does go a lot deeper than this when you look at forensic security. For example, data that has sat on a hard disk for a long time, can “sink” deeper into the disk surface and be recoverable by some organisations, even after it has been over-written. However, considering the specialist equipment and skills needed to do that, I can’t see dental records being worth that much effort.
If you do use Eraser, do make a donation. Even a couple of pounds or dollars will help to support this great project.