Do you have unnecessary sensitive documents laying around? How about old electronic devices that have your data stored on them, but which you no longer use? In this article, you’ll learn how to properly and securely dispose of your data.
Why Do You Need to Destroy Your Data Properly?
Dumpster-diving for your private documents
Professional dumpster-diver Jim Stickley makes a living stealing trash. He is hired by large organizations to identify weaknesses in their security. In his book “The Truth About Identity Theft,” he describes how he could (if he wanted to) easily steal the identities of everyday people simply by going through their trash.
In an excerpt from his book published by Today, Stickley writes about one of his contracts. He was hired to find out whether members of upper management at a large financial institution were at risk of identity theft. “Each week I would snap on my rubber gloves and go through every item of trash: grocery store shopping lists, sticky notes with phone numbers, a private invitation for a little girl to a friend’s birthday party, and much more. As I continued to go through the managers’ trash, I was able to compile a list of their service providers: water bill, phone bill, gas and electric, cable, and so on. I could use this information not only to gain access into their lives but, if I wanted, to take over their lives.”
Imagine what he could do with your hard drive.
Discarded computers may be worth more than their physical parts
There have been numerous stories of secondhand computers sold on eBay and other online markets whose data wasn’t properly erased. In one case reported by The Guardian, a computer was sold with a list of the bank account details of customers of three UK banks. The computer had belonged to a data processing company that had not properly destroyed the data on it.
As reported by CSO, data erasure firm Blancco bought 200 secondhand drives from eBay and Craigslist in order to discover if people destroyed their data before selling their devices. Blancco found it could restore 78 percent of the data.
While you don’t know how your bank and third parties who work with them secure your obsolete data, you can protect the information on the devices you’ve grown out of at home and at work. It’s a start.
Data Destruction Methods
- Physically destroy — Without much ado, take a hammer to the equipment and dispose of pieces at different locations. This method is not 100% effective, but it would be an unbelievably dogged thief who managed to mine data from these discarded parts. If you do want to guarantee the 100% destruction of your data (such as intellectual property from your previous company, perhaps) you may need a specialist (see below.) Specialists shred your devices into pieces of about 2mm, but it can be an expensive option if you have multiple devices to destroy. Companies who shred your hardware and paper documents will also usually recycle them, and if you are the suspicious type, you can even watch them laying your data to rest
- Degauss — Uses magnets to destroy the data on a device. It is more effective than reformatting but renders the device unusable. It also means you won’t be able to confirm all the data has been destroyed
- Reformat — This is the most cost-effective option if you want to reuse the device yourself. It is not a secure option if you are selling on the device
Sensitive Paper Documents
For individuals, the most effective way to destroy paper documents is by burning them. If you have a lot of them, it could be messy and offensive to neighbors. The alternative is pulping them: Rip them up and then soak them in a large bucket of water with some bleach.
Sensitive Electronic Files
- Delete and reformat — In the old days, new users were warned not to reformat their drives as their data would be lost forever. Files on reformatted drives today are easily recoverable using free software. This method should only be used if you simply wish to repurpose your machine — for instance, as a hand-me-down to a family member.
- Wiping and overwriting — You can use a utility to overwrite your files and the empty areas on your drives where deleted files still lurk (see below.) Overwriting replaces files and disk space with 1s and 0s. The most effective application to do this do a number of passes to thoroughly obliterate information. This is the best option for home users who want to keep their computers clean or only wipe selected files
- Encryption — A good option if you want to secure files in the event of theft or from prying eyes. It is a bit like sticking them into a virtual vault. The only downside is you will have to remember the code to decrypt them
- Windows — Deleted files (those sent to the Recycle bin) are recoverable. While they appear to have disappeared, they are still there and can be retrieved using basic file utilities you can download on the Internet. To permanently get rid of them, you need to overwrite them and any free space on a drive where previously “deleted” files may still hang about. The fastest way to do this is using a tool.
There are plenty of open-source, easy-to-use tools for this purpose. The following are quick, compact and allow you to select individual files: Eraser (one-size-fits-all), FilExile (portable version available), BitKiller (drag-and-drop functionality) and DropIt (doubles as a file management tool to encrypt and compress files)
- Linux — Files can be erased permanently using simple command-line tools. Alternatively, you can use FastWipe, a nifty command-line utility
- macOS — If your Mac has an HDD: After deleting your files, use the Secure Empty Trash feature to obliterate the trashed files. The latest Macs have Solid State Drives (SSDs). Because of the way data is stored on these drives, deleting files is not 100% secure. In this case, the best option is to use built-in FileVault to encrypt your private data. A free option for destroying Mac files is Permanent Eraser. DoYourData (supports SSD and HDD, and storage digital devices) is a paid option with a cost-effective lifetime license of $29.99 (at time of writing)
Warning: Always scan downloaded applications for viruses before opening. Never assume they are safe.
3 Top Data Removal and Destruction Companies
Physically destroying your devices by taking a hammer to it is good enough for most people but does not guarantee your data cannot be recovered. Below are some links to professionals in the industry who can destroy your data in a secure and compliant way. They all recycle destroyed items and are certified by the National Association for Information Destruction (NAID).
- Iron Mountain — Services include off-site and on-site shredding (for businesses and individuals, when you want to witness the destruction of your data)
- Securis — Cost-effective solution for individuals; it costs just $10 to grind a hard drive while you watch
- Guardian Data destruction — Billing itself the largest mobile destruction fleet in the U.S., Guardian offers nationwide document and device destruction services as well as a budget-friendly degaussing service
The importance of properly destroying your documents or electronic devices is something of which people are sometimes unaware.
- Buying a new device and selling the old one to a friend? — Wipe or overwrite your device
- Giving John Jr. your old machine? — Reformat it
- Throwing out an old and obsolete machine? — Take a hammer to it
- Doing a spring clean of hoarded documents and files? — Have a bonfire for the paper documents and securely overwrite the electronic files using a free tool
- No more space on a drawer-full of old removable media used mainly to share movies? — Degauss them
You can also turn drudgery into money. Instead of washing your car, pay the kids to destroy your data. Bonfires are fun, and so is using pulped paper for papier-mâché projects. For the older ones, you may just give them an interest in cybersecurity: ethical hacking is an extremely well-paid and challenging career.
- Identity theft: Your trash, their treasure, Today
- Before you sell your computer, smash the hard drive, says Which?, The Guardian
- Resold hard drives still ripe with leftover data, CSO
- 3 Ways to Permanently and Securely Delete ‘Files and Directories’ in Linux, TecMint
- What Is FileVault On Your Mac & Why Would You Want To Use It?, GPost
- National Association for Information Destruction (NAID)