Data security of discarded electronics

Note: This post was written by SEI staff, Aida Sefic Williams.

One of the most common concerns regarding electronics recycling and disposal is the issue of data security. As people use online banking and other online payment system, the concern for data security is legitimate. Personally, I would not want to recycle a computer knowing that I may be risking identity theft – and I think that many will agree. The same also extends to larger companies and corporations, who may have very sensitive data on their computers, such as employee social security cards, proprietary information, detailed budget breakdowns and more. The need for data removal was pointed out in a New York Times article titled “Deleted but not Gone“.

So how does one secure data left in obsolete computers? There are three main options 1) “Soft” data removal, which keeps the hard drive in tact; 2) Physical hard drive destruction (hard drive + hammer = data security); 3) degaussing. No one will argue that physical hard drive destruction will lead to data security. Degaussing is also a way to remove data securely. Essentially, degaussing will de-magnetize the hard drive, destroying all the data and rendering the hard drive useless. “Soft” data destruction is a bit more contentious.

According to Peter Gutmann, data should be overwritten 35 times in order to effectively remove all data. Additionally, the US Department of Defense states that data should be erased and overwritten 7 times, in order to effectively remove all data. In addition, the National Institute of Standards and Technology offers detailed Guidelines for Media Sanitization. But which of these is correct, and is it possible to only erase data once in order for it to be effectively removed?

According to Lidija Davis, both Windows and Apple offer programs that will effectively remove all data. eHow lists Darik’s Boot and Nuke software as the main option to remove data securely while maintaining hard ware functionality. Additional data erasing software includes Active@Kill Disc Hard Drive Eraser, Acronis Disc Cleanser, and Blancco. Additional information about hard drive security and data erasure can be found through TechSoup Global’s article titled “Obliterate Hard-Drive Data with Disk-Wiping Software“.

The software deletion programs listed above are only some examples and should not be viewed as an advertisement or support for any software company or data removal method.