“Ensuring data is completely destroyed is a legal requirement”
Erasing data from a computer is not as simple as the manufacturers would have you believe. Just deleting it or reformatting the hard drive does not remove the data, and the secure removal of data about individuals by companies is now a legal requirement.
There are a number of methods used to “delete” data from a hard drive. These methods do not remove the data, they simply make space available for the system to use when next required. The data remains on the disk. Readily available software tools can be used to restore the data. Some are even free.
When data is deleted, all that actually happens is that the computer marks the space as available for reuse – it does not remove the data. The only way to remove it is to overwrite it. But failing to delete data may result in identity theft, financial loss, fraud or blackmail. Such concerns have prompted Microsoft to add a drive encryption feature called BitLocker into its new Windows Vista system to protect data on a PC.
According to Nick Coleman, chief executive of the Institute of Computer Security Professionals, the Glamorgan research highlights a glaring problem for the computer industry. “This is about how you manage data to the end of its life and what is best practice. People are used to buying shredders to get rid of paper information; now they need to be pointed in the direction of properly accredited people who they know are competent to destroy the data for them.”
There are disk wiping utilities and programs available that will erase data if correctly used. Some programs erase the entire disk, while others allow you to select which files or folders to erase. It is important that the utility or program provide an option to erase free space.
Life Cycle Services has a list of data removal programs and instructions at www.howtowipeyourdrive.com
Published Guardian Thursday August 10th, 2006