
Thread: Best Way to Wipe a HDD

  1. #21
    Junior Member
    Join Date
    May 2002
    Posts
    17
    The ultimate boot cd has a few utils that allow you to really wipe the HDD

    http://www.ultimatebootcd.com

  2. #22
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    Originally posted here by catch
    Let's skip all the dramatics for a moment, all you need to do is practice due diligence.

    Just format the drives, audit the drive to ensure the format was successful, document the process, have it notarized (you should do these last two no matter what method you choose) and be done with it.
    Don't you mean due care?

    In any case I would say that for confidential data formatting is not enough. A good run of a wiper, such as BCWipe, would do the trick nicely. If the data was just regular old documents and such then formatting would be perfectly fine.

    The destruction of the drive could be used in the most dire of situations, but what you really need to consider is the cost/benefit of the process. What is the loss you could take if the data was found vs. the cost it would take to destroy the media. My opinion is wiping the drive mitigates the risk to an acceptable level.

  3. #23
    Senior Member
    Join Date
    Jul 2003
    Posts
    634
    I was once interested in the destruction of data - you can use the degaussing ring from an old TV or monitor - although be careful cos those things run on mains...

    I take great pleasure in smashing drives up with a hammer, but I've never *really* needed to. The material they make the disks out of is pretty boring and you get no sparks when you grind them up, although you can drill through them surprisingly easily.

    It's amazing though because I bought about 20 old hard disks from a car boot sale (yard sale?) and went through all of them to see whether there was anything juicy on them - yes I know I'm a nosey bastard.... and it's surprising how many people store their details and stuff in plain text and then sell their drives off for £0.20 a piece. They must have come from a company because there were loads of Excel spreadsheets, and internal memos which could have been exploited for the means of social engineering.

    i2c

  4. #24
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Don't you mean due care?
    No, if I meant due care, I would have said that. Considering the definitions of "diligence" are:

    1. Earnest and persistent application to an undertaking; steady effort; assiduity.
    2. Attentive care; heedfulness.

    diligence is a more appropriate choice as in this case it deals with persistence of the security policy and industry best practices. "Due care" would be cleaning the drive in the way you see fit and not the way deemed acceptable by the policy/industry.

    The destruction of the drive could be used in the most dire of situations, but what you really need to consider is the cost/benefit of the process. What is the loss you could take if the data was found vs. the cost it would take to destroy the media. My opinion is wiping the drive mitigates the risk to an acceptable level.
    My opinion is that you have no clue of the asset value on the drive or the exposure factor, consequently you have no basis for calculating the risk involved much less its appropriate mitigation. You are just looking at throwing superfluous safeguards (which are not recognized as industry best standard so if any data is recovered, hello lawsuit, goodbye job) at the situation with no regard for (hell, no knowledge of) requirement or cost.

    cheers,

    catch

  5. #25
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Well,

    1. Strictly speaking you should already have a documented and repeatable process for equipment disposal, which would include HDDs. (You would need that for CMM level 3?)

    2. In the defence, intelligence and military sectors, sensitive materials are physically destroyed, in accordance with a clearly defined process. Less important data are wiped according to a standard approved by the DoD, MoD or whoever.

    3. Whilst a simple re-formatting is adequate for materials that are to be re-used internally, this is not adequate for anything that is leaving the organisation. It is far too easily recovered. The industry standard (for those who actually have standards ..........and many do not) is to use a military/government approved methodology. This is quite natural, as it makes a much stronger case in court than an "industry standard" that may well be flawed, government standards being generally more acceptable than private sector ones in this area. The process includes formatting but has the additional overwriting procedures. I suspect that the rationale behind this is that I might "accidentally" recover a formatted drive, but if I recover a wiped drive that would be a very deliberate action? "Malice and aforethought" and all that sort of thing?

    4. I agree with the documentation part. As disposal of any asset requires some sort of formal authorisation process (or it SHOULD do), the data wiping documentation would logically seem to belong here? (I know, I know.................spoken like a true auditor..........but audits cost money so why not make things quick and easy for them? )

    Just my thoughts..............

  6. #26
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    Originally posted here by catch
    Let's skip all the dramatics for a moment, all you need to do is practice due diligence.

    Just format the drives, audit the drive to ensure the format was successful, document the process, have it notarized (you should do these last two no matter what method you choose) and be done with it.

    cheers,

    catch
    Originally posted here by catch
    My opinion is that you have no clue of the asset value on the drive or the exposure factor, consequently you have no basis for calculating the risk involved much less its appropriate mitigation. You are just looking at throwing superfluous safeguards (which are not recognized as industry best standard so if any data is recovered, hello lawsuit, goodbye job) at the situation with no regard for (hell, no knowledge of) requirement or cost.

    cheers,

    catch
    Are you talking in circles? You say first to just format it and document it, and then in the next say that wiping the drive is not in the industry best standard because data could be recovered? If you plan to reuse a drive with confidential data on it you need to make the best effort to be certain that the drive is indeed unrecoverable. A signed document isn't going to save your job when the guy next to you says that he wanted to wipe that drive but all you cared about was getting your paperwork notarized.

    No, I don't know the qualitative risk that is involved in the data being recovered, but if someone was to tell me it's financial data I would quantitatively rank it with some importance. This might mean taking a little extra effort to make sure that the data is not recoverable. This results in a multipass wipe of the drive which doesn't drive up the cost.

    Indeed I do not know if there are any special requirements set forth by his company, but neither do you. We only have the information that he provided which everyone made their recommendations based on.


    Due care: The care that a reasonable man would exercise under the circumstances; the standard for determining legal duty

    Due diligence: The process of systematically evaluating information, to identify risks and issues relating to a proposed transaction (i.e. verify that information is what it is proposed to be).

    Diligence is researching what you should do, and care is actually performing the actions. Both are needed, it just seemed like you were offering more actions to be done than research.

  7. #27
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    While I have noticed some very good replies, lots of people mention zeroing out the drive is sufficient. I know someone that claims to have an app that will restore a drive zeroed out up to 8 times over. I have never seen this in operation, but he claims to have restored crashed drives with the application to get them up long enough to xfer data. *Shrugs* could be a lie, who knows.....
    Also,
    I had to take a client's ThinkPad HD to a data recovery specialist to recover some time sensitive unique data. The place that I took it to prided themselves on their recovery success rate and had some pictures of various drives where data had been recovered. Among these included hard drives damaged in fires and floods. They were good. They recovered everything from a laptop drive for me that was no longer recognized by the computer. Yes, they were expensive. But just know that some people are willing to pay the price. When you add curiosity to the factor, you have to ask yourself how much one would pay for a key to open a chest of unknown contents.
    There are many rewarding opportunities awaiting composure from like minds and great ideas. It is my objective to interconnect great things.

  8. #28
    Banned
    Join Date
    May 2003
    Posts
    1,004
    3. Whilst a simple re-formatting is adequate for materials that are to be re-used internally, this is not adequate for anything that is leaving the organisation. It is far too easily recovered. The industry standard (for those who actually have standards ..........and many do not) is to use a military/government approved methodology. This is quite natural, as it makes a much stronger case in court than an "industry standard" that may well be flawed, government standards being generally more acceptable than private sector ones in this area. The process includes formatting but has the additional overwriting procedures. I suspect that the rationale behind this is that I might "accidentally" recover a formatted drive, but if I recover a wiped drive that would be a very deliberate action? "Malice and aforethought" and all that sort of thing?
    While it is true that US DOD/MIL standards are far more secure than commercial standards, companies need to take care if they plan on picking and choosing.
    Why follow high assurance data destruction techniques when low assurance data storage techniques are used? Sooner or later someone, be it an auditor, stockholders, someone is gonna ask the following question:

    Why are we wasting the resources on making this one area high assurance when nothing else we do is?

    Then people get laid off, and new policy is written.

    cheers,

    catch

  9. #29
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi, fraggin

    I can well believe it. A reasonably secure wiping sequence will use 0's and 1's in a random sequence and intersperse with writes of random 0's and 1's.

    If you repeatedly overwrite with the same character, it is relatively easy to unravel the overwrites.


  10. #30
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Are you talking in circles? You say first to just format it and document it, and then in the next say that wiping the drive is not in the industry best standard because data could be recovered?
    Nowhere did I say that wiping the drive is not the industry best standard because data can be recovered. What I said was:

    "You are just looking at throwing superfluous safeguards (which are not recognized as industry best standard so if any data is recovered, hello lawsuit, goodbye job)"

    Meaning that if you wipe the drive, and/or do anything to the drive that isn't considered an industry best practice and IF any data is recovered you are in worse standing than if you used the industry best practice and the same data were recovered.
    No circles.

    A signed document isn't going to save your job when the guy next to you says that he wanted to wipe that drive but all you cared about was getting your paperwork notarized.
    No, but it will save your job and lose his when you remind the seniors that the guy next to you was wanting to needlessly waste resources so that you can have high assurance data destruction, even though you are utilizing low assurance data storage. (how do I know he is using low assurance data storage? if he wasn't he'd already have a policy on data destruction)

    This results in a multipass wipe of the drive which doesn't drive up the cost.
    Yes it does, you need to acquire the tools to do this (things), and you need tools that offer some level of assurance (more expensive tools) that they actually do what you think they are doing. Then you need someone to apply the tools to the drive (time). Then you actually need a more complicated audit to ensure the tool worked properly in this instance (more time), unless you just check to see the drive was formatted, in which case you've done nothing more than wasted resources.
    (things + more expensive things) + (time + more time) = lots of extra cost

    Indeed I do not know if there are any special requirements set forth by his company, but neither do you.
    Sure I do, the simple fact that no policy, much less procedure exists for this at his company lets me know that there are no special requirements. So why do you assume that they have all this need that no one there has ever considered?

    Due care tends to be the action involved when dealing beyond the scope of any guidelines. In this case the guidelines are very clear, industry best practices. (Diligence would be assuring that policy, procedure, best practices, etc are followed through on, so I felt it more appropriate)

    cheers,

    catch
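
The overwrite-then-audit sequence debated in posts #29 and #30, as an added example that is not part of the original thread. It assumes a constructed image file standing in for the drive; the pass patterns (zeros, ones, random), the marker string and all function names are illustrative assumptions, not any standard's required sequence.

```python
import hashlib, os, tempfile

CHUNK = 64 * 512  # write/read 64 sectors of 512 bytes at a time

def wipe_image(path, passes=(b"\x00", b"\xff", None)):
    """Overwrite the whole image once per pass (None = random data).
    Returns the SHA-256 of the final pass so the audit can check read-back.
    Note: on a file inside a filesystem or on flash media, an overwrite
    is not guaranteed to hit the same physical blocks."""
    size = os.path.getsize(path)
    digest = None
    with open(path, "r+b") as img:
        for pattern in passes:
            img.seek(0)
            h = hashlib.sha256()
            left = size
            while left > 0:
                n = min(CHUNK, left)
                block = os.urandom(n) if pattern is None else pattern * n
                img.write(block)
                h.update(block)
                left -= n
            img.flush()
            os.fsync(img.fileno())  # push the pass out of the OS cache
            digest = h.hexdigest()
    return digest

def audit_image(path, expected_digest, marker):
    """Read the image back: does it match the last pass, and does a
    known pre-wipe marker still appear anywhere (even across chunks)?"""
    h, found, tail = hashlib.sha256(), False, b""
    with open(path, "rb") as img:
        while True:
            block = img.read(CHUNK)
            if not block:
                break
            h.update(block)
            if marker in tail + block:
                found = True
            tail = block[-(len(marker) - 1):] if len(marker) > 1 else b""
    return {"digest_ok": h.hexdigest() == expected_digest,
            "marker_found": found}

def make_sample_image(marker, sectors=300):
    """Constructed stand-in for a drive: zeros with one marker record."""
    fd, path = tempfile.mkstemp(suffix=".img")
    body = b"\x00" * (512 * 100) + marker
    with os.fdopen(fd, "wb") as img:
        img.write(body + b"\x00" * (512 * sectors - len(body)))
    return path
```

The audit result is the kind of record that can be attached to the disposal documentation the thread discusses.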
