by: Lee Sykes
It is important for businesses to recycle their computers, but have you thought about what happens to the data on your computer when it is collected?
How sensitive is the data stored on your hard disk?
If you are donating equipment to a recycler, you need to ensure that their data removal procedures operate to a high standard.
A recycler needs to honour the requirements of the Data Protection Act 1998, in summary:
To treat all data obtained from a donation as confidential
To use appropriate methods to securely destroy all data
Notify the donor as soon as possible if any unauthorised use or disclosure of the data is made
How Do You Securely Remove Data?
If a hard disk is formatted, this is not a secure way to wipe data!
This method has inherent limitations, as only the file allocation tables and the pointers to the data (that render the data inaccessible) are destroyed. The data on the remainder of the drive is not destroyed, and the inaccessible data is easily retrievable. There are many free programs available on the internet to recover data from a formatted drive.
Best Practice:
A Recycler should use a piece of software which will:
run from a bootable floppy
report the actual hard disk capacity (the same reading as the BIOS and label on the HD)
overwrite a single character pattern to the entire HD
produce a report that all areas have been overwritten
report any bad or unusable sectors that cannot be overwritten
verify successful erasure
The key point here is that the hard disk is actually overwritten with new data – ie. 10101010
This ensures that your old data cannot be retrieved.
The Security Levels:
In order for a disk to be wiped to High Security Standards, such as Military Of Defense standard, the hard disk is overwritten several times, for instance:
Perform 3 overwrite cycles to all areas (where each cycle will be a single pattern, followed by its complement), and a final overwrite with a random character pattern (ie. A total of 7 overwrites) – verification of successful erasure should then be carried out for all Hard Disks.
How Do You Erase Data From A Hard Disk That No Longer Works?
The simplest way to ensure this is to destroy the Hard Disk. Recyclers have many different methods for this, but an example is to drill a hole through the disk, just off centre.
Summary
Before you allow your computer equipment to be collected, ensure you check the recyclers’ procedures for the secure removal of data from your hard disks. Most recyclers will also provide some form of report after the collection to guarantee the data from your hard disks was securely removed.