2.8 - Data Destruction

Question 1

Physical destruction

Answer 1

• Shredder
  – Heavy machinery - complete destruction
• Drill / Hammer
  – Quick and easy - Platters, all the way through
• Electromagnetic (degaussing)
  – Remove the magnetic field
  – Destroys the drive data and the electronics
• Incineration - Fire hot.

Question 2

Certificate of destruction

Answer 2

• Destruction is often done by a 3rd party
  – How many drills and degaussers do you have?
• Need confirmation that your data is destroyed
  – Service should include a certificate
• A paper trail of broken data
  – You know exactly what happened

Question 3

Disk formatting

Answer 3

• Low-level formatting
  – Provided at the factory
  – Not recommended for the user
• Standard formatting / Quick format
  – Sets up the file system, installs a boot sector
  – Clears the master file table but not the data
  – Can be recovered with the right software
• Standard formatting / Regular format
  – Overwrites every sector with zeros
  – Default for Windows Vista and later
  – Can’t recover the data

Question 4

Erasing data

Answer 4

• File level overwriting
  – Sdelete – Windows Sysinternals
  – Remaining files are still available
• Whole drive wipe secure data removal
  – DBAN - Darik’s Boot and Nuke
  – Removes all data on the drive
  – Use the drive again
• Physical drive destruction
  – One-off or industrial removal and destroy
  – Drive is no longer usable

Question 5

Hard drive security

Answer 5

• 2019 study from Blancco and Ontrack
  – 159 storage drives from eBay
  – 42% of the used drives contain sensitive data
• Different data types
  – 66 drives had data, 25 drives with PII
• Varied data sources
  – Travel company email archive
  – Freight company shipping details
  – University student papers
  – Audio, video, and other personal files