That old Pentium that is five years old has finally got to go. It's been sitting taking up valuable space in the back room. You've called a nearby school and they would love to have you donate it to them. So you instruct your Office Manager to have someone take a look at the files on the hard drive and make sure any subdirectory where documents were saved are erased. It's ready to be donated, right?
Firstly, unless you empty the recycle bin, your files are immediately retrievable by clicking on the recycle bin and instructing it to restore the deleted files to their original locations. Next there are locations on the hard drive called the "swap" file that can save copies of recent files. Using software available from a local store at a price of $39, Norton Utilities can easily recover erased files. Whenever you delete a file, you are only deleting the location of the file in the File Allocation Table or FAT. This is your hard drive's "table of contents", the place on your computer where the location of the actual data is indicated. You delete the file name in the "table of contents", but you are not actually deleting the actual data. Thus this data is not erased until another file or other data is written over the top of it. Furthermore, recent programs such as "Go Back" can further archive copies of data.
Certain applications including Word processing programs will litter your hard drive with temporary files. Thus, when you delete that file, then empty the recycle bin, you are only deleting the last copy. All backup and temporary files remain on that hard drive.
There is a further way that data is saved. Files are saved in "clusters". If another file writes over these clusters, it may not totally fill in the former file space. Thus, someone with a little patience could read that previously written data even if part of it is written over with another file.
On a recent posting to a well known hacking list serve, a poster by the name of "Bobcat" instructed readers to visit the local landfills or swap meets and obtain old hard drives. He stated that based on the sensitive data scavenged on these hard drives, he felt sure that he could horrify attorneys and accountants and obtain contract employment instructing them regarding proper disposal procedures.
You decide to be cautious and bring in the computer guru to format and defrag that hard drive. That should be enough to permanent delete that data, right? Unfortunately, reformatting or deleting partitions will not even remove that sensitive data.
When the United States Navy declassifies a hard drive they perform the following procedures using Norton Utilities for an IDE hard drive
http://www.nswc.navy.mil/ISSEC/Docs/AISSO/nt_ovrwrt.html
1. Create a bootable diskette copying over to it Fdisk.exe and Format.exe.
2. Copy Wipeinfo.exe, Wipeinfo.hlp, Nlib200.rtl, Nusetup.cfg, Diskedit.exe
3. Boot the computer using the bootable diskette
4. Run the Fdisk.exe program and create new partitions on the hard drive.
5. Run the Format.exe on each partition created.
6. Run "Wipeinfo/gov:[drive letter]
7. This will overwrite the hard drive with data so that all sensitive data on that hard drive is irretrievable.
8. If Wipeinfo reports any "bad sectors" while overwriting the hard drive, the US Navy will not de-classify the hard drive.
9. Ensure that the overwrite has completed properly by using the Diskedit program with the "/M" switch. Verify a minimum of 10 sectors.
Sounds extreme, doesn't it? But consider how usual it is to now use paper shredders in our offices. Carbon paper and discarded documents in trash cans have been used to steal identities, credit card numbers, bank accounts and other critical information.
Bottom Line:
The damage in reputation that accountants and attorneys could suffer if sensitive data was found to be retrievable is nearly as costly as the damage itself. Take time to permanently destroy any data on a hard drive that your release from your possession.
11:02:47 PM 
|
