Secure Data Deletion


	Sunday, November 8, 2009

	Security "Greatest Hits"
	Managing Passwords
	E-mail Harassment & Forgery
	Hoaxes, frauds & scams
	Spam
	Phishing
	Wireless Networking
	Encryption & digital signatures

	Best Practices
	Secure desktop computing
	Secure servers
	Secure web applications
	Secure web development
	Secure data deletion
	Tips for safe computing
	Computing policies

	More in-depth information for
	Local support providers
	System administrators
	Application developers

	Security initiatives
	Critical host compliance
	Authentication & authorization
	Penn Security & Privacy Assessment (SPIA)
	Security Liaisons (Restricted Access)
	Secure Share
	NeXpose Vulnerability Scanner

	Related links
	Electronic privacy
	PennKey
	Viruses
	Worms, trojans, backdoors

Secure Data Deletion

The Problem

Deleting a file by typical means (e.g. dragging it into the Trash) does not actually remove the file - it can be recovered easily using undelete functionality in the operating system or in forensic software. To delete files and other data securely, you must use some secure deletion method.It is critical to do this when handling sensitive data or disposing of unneeded electronic devices.

How do I delete a file securely?

That depends on the operating system. Below are some options for each; for more information, see http://www.upenn.edu/computing/provider/recycle.html.

Windows

PGP Desktop: "shred" function

Heidi Eraser: can also delete already-deleted files securely

Mac OS X

Finder: Secure Empty Trash (built-in)

Disk Utility: can also delete already-deleted files securely (built-in)

PGP Desktop: "shred" function

UNIX: Wipe

How do I wipe an entire device securely?

ATA, SCSI, USB, and Zip disks: Overwrite using one of the methods below. A one-pass overwrite with random data is sufficient. Degaussing is not necessary, and in fact, will render a drive unusable. If the device will be disposed of anyway (as opposed to being recycled) degaussing is a faster option.

Windows: Secure Erase
Mac OS X: Disk Utility (built-in)
UNIX: Wipe
For a comprehensive list, see http://www.upenn.edu/computing/provider/recycle.html

CDs, DVDs: Destroy by incinerating, melting, or shredding to pieces no larger than 25mm².

Tapes: Degauss. For tapes, overwriting is impractical given the way data is written. Contact the University Records Center for assistance with secure tape disposal.

Cell phones, PDAs, Printers: Delete data, then do hard/factory reset.

Is there a faster way to securely erase a drive?

If you have an ATA drive, it may have a "fast secure erase" feature that will allow you to start the secure erase, protect it with a password, and prevent any drive access until the erase is complete. Degaussing is an option, although it will render the drive unusable.

How may overwrites are required to make the data unrecoverable?

A one-pass overwrite with random data is sufficient. Based on a report from NIST (National Institute of Standards and Technology) and research done by the UCSD Center for Magnetic Recording Research, a single overwrite is nearly as effective as multiple overwrites. Multiple overwrites take significantly more time, and do not clear the remaining electromagnetic signal significantly better than a single overwrite. For more information, see NIST Special Publication 800-88 and the Center for Magnetic Recording Research.

Last updated: Friday, December 19, 2008



Information Systems and Computing University of Pennsylvania Comments & Questions