Secure Deletion of Sensitive Data

Standard file and disk deletion tools in most operating systems are not sufficient when deleting sensitive data. Usage of software that will do a multi-pass erase and overwrite on the data in question is recommended, with single-pass software that overwrites the data with random (or pseudo-random) data is acceptable.

Some tools to consider:

Mac OSX 10.4 (Tiger) Secure Empty Trash feature - If a file is being removed that includes sensitive data, use the Secure Empty Trash feature instead of the standard Empty Trash. This will overwrite the file with pseudo-random data.

Eraser (http://www.heidi.ie/eraser/)-Win32 open-source data erase tool.

Darik's Boot and Nuke (http://dban.sourceforge.net/)- Bootable floppy/cd image used to completely erase all data on all partitions on a drive. Contains several methods of erasure, but the DoD 5220-22.M Standard Wipe is preferred. Good situations to use this is when a drive and/or system is no longer going to be used for storing sensitive data, or when a drive or system is being sent offsite for repairs.

 

August 24, 2006