A simple, yet often overlooked, storage area -- The Recycle Bin -- can leave a big hole in your security scheme. The simple procedure presented here may help you avoid that vulnerability. All Windows users, not to mention administrators, know all about the Recycle Bin. Nevertheless, it's a good idea to review some things as crucial as security procedures.
As we all know, the Recycle Bin is present in all versions of Windows from 9.x, NT and 2000. We also know the primary purpose of the Recycle Bin, a storage area for deleted files. At times users forget that files deleted from their hard drives go to the recycle bin, and this can present a security risk especially when dealing with confidential documents.
For example a user who works for the Human Resource department may delete a spreadsheet. The user might think that the file is of no worth, but it could provide a gold mine of information to another individual. Or a network administrator could delete some outdated files that, to this administrator, may not be of any worth but could be useful information for a vendor's maintenance rep called in to work on the server.
Depending on a user's job function, and organization policies, of course, it may be a good idea to keep files from going to the Recycle Bin. Here's how to do that:
- Right-Click the Recycle Bin and select properties
- Select the Global Tab then click Use one setting for all drives
- Select "Do not move files to the Recycle Bin. Remove files immediately when deleted" check box.
- Click OK
Another approach is to set up multiple partitions on the computer's disk(s). The partition that will contain sensitive data or the partition in which the user performs all day-to-day work can be configured to permanently delete files instead of sending them to the Recycle Bin:
- In the Global Tab click "Configure Drives independently" then select the appropriate drive letter and set the option as required.
- Click OK
Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.
This was first published in April 2002