/ How to

How To Securely Erase and Wipe Data From a Hard Disk Drive

Introduction

When disposing of or repurposing old hard disk drives (HDDs), it is crucial to securely erase the data stored on them first to prevent sensitive information from falling into the wrong hands. This article provides best practices and step-by-step instructions for securely wiping HDDs on Windows, Mac, and Linux systems before disposal or reuse.

Why Secure Data Erasure is Necessary

Simply deleting files or formatting a hard drive does not permanently erase the underlying data. Deleted files can often be easily recovered using data recovery software. The only way to reliably prevent this is to overwrite the drive with new meaningless data. This renders previous data unrecoverable even using advanced forensic data recovery techniques.

Data breaches from the improper disposal of storage devices containing sensitive data are an ongoing issue. Failing to properly wipe HDDs puts confidential data like financial records, medical history, or personal information at risk of exposure.

Data Erasure Standards and Methods

There are a few common standards for securely erasing hard drives:

  • DoD 5220.22-M – U.S. Department of Defense standard that requires overwriting all addressable locations with a character, its complement, then a random character. This is done 3 passes[1].
  • NIST 800-88 – National Institute of Standards and Technology guidelines recommend purging media by cryptographic erase, block erase, or overwriting with random data[2].
  • Gutmann Method – Complex 35-pass overwrite pattern developed in 1996. Largely unnecessary for modern drives[3].

Most experts agree that overwriting HDDs even just once with random data is sufficient to prevent any useful recovery of deleted files[4].

Best Practices

Follow these best practices when wiping hard drives:

  • Use drive erasure software – Relying on built-in formatting tools is not secure enough. Use software specifically designed for drive erasure.
  • Overwrite entire drive – Simply deleting partitions or volumes will not suffice. The whole drive surface must be wiped.
  • Verify erasure – Quality erasure tools will verify the overwriting process completed successfully.
  • Destroy unrecoverable drives – Drives that cannot be erased should be physically destroyed by shredding or crushing.

Securely Erasing Hard Drives on Windows

Here is how to securely erase HDDs on Windows:

  1. Download drive erasure software Popular Free Tools:
    • DBAN (Darik’s Boot and Nuke)
    • HDDerase
    • KillDisk
    • Eraser
  2. Connect the drive to be erased If erasing the primary system drive, create a bootable CD/DVD or USB drive with the erasure software. Otherwise, connect the secondary HDD internally or via USB.
  3. Boot from the erasure media (skip for secondary drives) Change BIOS settings to boot from the CD/DVD drive or USB port where erasure media is connected.
  4. Select the erase method Suggested methods include:
    • Quick Erase – 1 pass overwrite with zeros
    • DoD Short – 3 pass overwrite
    • PRNG Stream – 1 pass random overwrite
    More passes are better but slower. A single pass is usually sufficient.
  5. Select and verify the drive Carefully pick the correct hard drive to wipe from the list of available drives. Avoid erasing any drives containing important data!
  6. Perform the wipe Start the erasure. This can take from several minutes to a few hours depending on drive size and method.
  7. Verify erasure (optional) Quality software like DBAN will indicate if any bad sectors could not be overwritten. Drives with bad sectors should be destroyed rather than reused.
  8. Dispose or reuse securely Safely dispose of wiped HDDs or repurpose them without concern for leftover sensitive data!

Securely Erasing SSDs and USB Drives

Solid-state drives (SSDs) and USB flash drives require special handling for secure data destruction. Their wear-leveling technology and robust construction necessitate alternative techniques:

  • Use manufacturer secure erase tools when available
  • Encrypt entire drive then destroy key
  • Degauss magnetic media using strong magnets
  • Physically destroy media

Refer to NIST 800-88 guidelines for appropriate sanitization methods based on device and data type[2].

Conclusion

Failing to properly erase confidential personal or business data from HDDs prior to disposal or repurposing puts that information at risk of exposure. Use quality drive erasure software to overwrite entire drive surfaces with meaningless data using standards like DoD 5220.22-M or NIST 800-88. Verify erasure, then safely reuse or dispose of the sanitized media. Implementing secure data wiping best practices is crucial for preventing devastating data breaches.

References

[1] U.S. DoD 5220.22-M ECE data erasure standard
[2] NIST 800-88 Media sanitization guidelines[3] Secure data wiping – University of Cambridge
[4] NIST: Special Pub 800-88 Rev 1 – Guidelines for Media Sanitization (2014)

Related Posts