Sanitize, shred, smash rather than delete
1/22/2005Don t rely on the Delete key for removing confidential files from a computer.
Misconceptions about the Delete key can create serious problems for people who discard old computers, do personal business on company time, or share computers at home or work.
Almost everyone has some confidential files. They may include financial records, credit card or bank account numbers, business documents, or digital images.
Files people think have been completely wiped off the hard disk actually remain available for others to see. Getting at those files may be as simple as a mouse click on the Recycle Bin. Or it may take forensic analysis software used by law enforcement agencies and private investigators that costs thousands of dollars.
No matter. People determined to read deleted files can do it unless you go beyond Delete and sanitize a hard disk or shred files.
Most computers are configured so that Delete moves files to the Recycle Bin. Clicking the Recycle icon on your desktop produces a list of deleted files. Accessing the files is easy. Just right click on a file, and select Restore.
The Recycle Bin can be emptied. (Right click on Recycle and select Empty). Computers can be configured to bypass Recycle and delete files directly. (Right click on Recycle, select Properties, and click the box).
Even those operations, however, do not remove the file. Rather, the file s name disappears, and hard disk space holding the file gets marked now available for use. Undelete programs, however, can find and recover the file.
The contents remain until that hard disk space is overwritten. Even then, special programs may recover some of the original contents.
Reformatting a hard disk also may leave recoverable data.
Reformatting is a drastic step that involves erasing a hard disk and preparing it for a fresh start.
Permanently getting rid of confidential information is especially important before trashing an old computer, selling it, or giving it away. The new user may stumble onto confidential files, or look for them with special programs. What if a trashed computer is dead? It takes about 5 minutes to remove the hard disk, install it in another computer, and start reading the contents.
Researchers from the Massachusetts Institute of Technology in 2003 checked on whether computer owners protect themselves from such situations. They bought scores of used hard drives from eBay and second-hand computer stores, and checked for recoverable files.
They found plenty, including corporate memoranda about personnel issues; account numbers and transaction information from a hard drive used in an ATM machine; love letters; and pornographic digital images.
One simple solution is to remove the hard drive and smash it before discarding a computer.
Another is to use free or inexpensive file shredding or disk sanitizing programs. For lists, search those terms on the Internet.
Local stores also stock these programs. Look for programs that are DoD compliant. They meet standards set by the U. S. Department of Defense.