Data deletion or data destruction?

To that effect, most of the attention has been given to issues around data that must be retained for obvious reasons such as the direct impact of retention on cost of storage. Because of that, it is often assumed that once data has been marked for disposal, it no longer requires much attention and, as a result, the actual deletion process itself is sometimes loosely defined. But when data copies, data backups or archives are deleted, are they really gone?

Because electronic records are not physical, it is often (falsely) assumed that a simple file deletion operation is the equivalent to shredding a paper copy.

When it comes to paper records, running documents through a shredder usually does the trick. Because electronic records are not physical, it is often (falsely) assumed that a simple file deletion operation is the equivalent to shredding a paper copy -- after all, once data is deleted, it is typically no longer readily accessible by the operating system or application that created it. However, data deletion isn't sufficient. In simple terms, deleting a file only marks the space (or blocks) it occupies as usable. Until the blocks are actually overwritten, the data is still there and can be retrieved. In fact, the disk space occupied by deleted files must be overwritten with other data several times before the entirety of the files are deemed irretrievable (minimum of seven times as per the U.S. Federal government's guidelines).

In many cases, disk or tape media is reused to store more data; therefore, data deletion typically does not constitute much of an issue. However, when leased IT assets such as servers or disk arrays must be returned, when obsolete systems are replaced or when storage media has reached end-of-life, special care must be taken to ensure that any data once stored is irretrievable. This process is known as hard drive sanitization, and in some cases requires storage media destruction. It is often tempting for staff to innocently collect hard drives from decommissioned computer equipment for home use and this has lead to embarrassing situations and PR nightmares for some high-profile companies in the past because hard drives containing confidential data resurfaced in the wrong place at the wrong time.

The problem often starts with a lack of clearly defined policies around data destruction. Servers or disks are decommissioned without much thought being given to whether or not data is still accessible. There are a number of ways to dispose of data, including media destruction, disk degaussing and automated multiple data overwrites with random byte patterns.

Shredders

Media destruction is fairly common for media that has reached end of life, such as tape or to dispose of optical media that can't be overwritten. There actually are shredders for tape and optical media -- and even hard drives -- that are used when media must be destroyed.

Degaussing

The degaussing method uses a powerful magnetic field that basically neutralizes the "orientation" of the magnetized particles that make up the writeable surface of storage media. This method is typically used for erasing in bulk when media will be reused but be free of retrievable data.

Overwriting

Some data overwrite programs can be downloaded for free such as Eraser and will overwrite data as much as 30-plus times. There are other commercially available products that will automatically overwrite a file with random data more than 100 times. Because of the time it may take to overwrite date up to 100 times, these products may not always be suitable for very large-scale tasks with time constraints.

Third-party services can also be used for media overwrite, and each one of them will claim they have a better method than the next one. While there may be merit to evaluating whether a product that exceeds 50 times is better than the one that exceeds 20 times, is it probably a better idea to ensure that the service provider has guarantees and verifiable controls in place to ensure that nothing gets overlooked.

Hidden data

For very security-conscious organizations, there might be requirements to destroy residual data in temporary storage such as RAM or battery-backed cache on storage arrays. For a good and comprehensive paper on data disposal, see NIST Special Publication 800-88, "Guidelines on Media Sanitization".

About the author: Pierre Dorion is the Data Center Practice Director and a Senior Consultant with Long View Systems Inc. in Phoenix, AZ, specializing in the areas of business continuity and disaster recovery planning services, and corporate data protection.

Rate this Tip To rate tips, you must be a member of SearchDataBackup.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Backup and recovery SQL Server data backup and recovery best practices Secure your data backups with encryption key management best practices Using data deduplication with backup applications: Source vs. target dedupe Data backup for virtual machines: Alternative methods to VMware Consolidated Backup Upgrading from LTO-3 to LTO-4 tape for data backup and recovery Is VMware Consolidated Backup right for your enterprise? Is cloud data backup service right for your organization? Are data backup vendor certifications valuable for backup administrators? Choosing a Linux system backup tool: Pros and cons of popular Linux backup apps Dedupe dos and don'ts: Data deduplication technology best practices Data backup security Secure your data backups with encryption key management best practices Podcast: Backing up data on mobile devices Secure data destruction options for old backup tapes and disk Putting a solid data backup and recovery plan behind mobile devices Data storage backup security tutorial: Tape encryption and cloud backup Quantum adds VMware data backup, encryption key management device How do you make sure your data is secure when using a online/cloud backup provider? Using an encryption appliance for data backup security LTO-4 tape technology finally catching on -- tape storage isn't dead yet CA adds deduplication, virtual server backup to Recovery Management Data storage backup tools Symantec releases Linux version of Backup Exec System Recovery SQL Server data backup and recovery best practices Data backup and recovery vendors dig into deduplication technology, aim for cloud backup Veeam integrates with VMware vStorage APIs in Backup and Replication 4 Data backup and recovery news briefs: Data Domain upgrades data deduplication appliances Double-Take replication software solves remote-office data backup headache for Lennox International Using data deduplication with backup applications: Source vs. target dedupe Plan ahead to avoid bare-metal restore frustration Even with new and advanced VMware data backup tools, users stick with older technologies VMware and virtual data backup and recovery technology tutorial RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.