It seems weird to be writing an article on destroying data on your Windows system. Usually I am writing articles on how to keep data safe, not on how to intentionally destroy it. Data destruction definitely has its place though, especially when it comes to old hard drives. Even seemingly innocent data can be used for malicious purposes, so it is extremely important to make sure the data is unreadable when disposing of hard drives. If you look on the Internet, you'll see that there are a million techniques that people use to clean hard drives of data. Since some of these techniques work better than others, I want to use this opportunity to talk about which data destruction methods do and do not work.
Why is data destruction so important?
Before I get started, I want to discuss the importance of stripping data from your old hard drives before disposing of them. As I'm sure you know, computer security has gotten a lot better over the last couple of years. Not to say that today's enterprise networks are impenetrable, but in most cases it is definitely harder to hack into a properly secured network today than it was a few years ago.
Because of this, many hackers have resorted to the low-tech technique of dumpster diving. Think about the advantages of taking hard drives out of the trash versus hacking into a network. There is much less risk of the hacker being caught and getting to the data is usually a lot easier. After all, there are no firewalls or IDS systems to deal with. The would-be hacker can simply plug the old drive into a computer at home and sort through the data at their leisure.
Even seemingly innocent data can turn malicious in the wrong hands. Think about a typical workstation's contents. In addition to any documents stored on the hard disk, there are also a couple of caches that might be of interest to a hacker. For example, the Internet Explorer cache stores a copy of every Web page that has been recently visited. I have heard stories of hard drive thieves using this cache to extract data such as bank account numbers, or blackmailing the drive's former owner over questionable Web sites that have been visited.
Of more interest though is the Outlook cache. The Outlook cache contains a copy of the former owner's Exchange mailbox, as well as their calendar, contacts, etc. I can't even begin to count the ways that this type of information can be exploited.
Those are just a few examples of what can happen if a workstation's hard drive is stolen. These same consequences can occur whether the hard disk was from a workstation in a large corporation, a personal computer in someone's home, or a laptop. If the consequences of a workstation's hard drive being stolen are that serious, you can only imagine what could happen if a thief managed to steal a server's hard drive.
I will admit that it isn't always simple for a thief to plug a stolen drive into a computer and start extracting data. If the drive is a part of a RAID array, then data extraction might be impossible if the thief does not have the other drives from the array set. Likewise, encrypting the data might stop a less skilled thief, but do you really want to take that chance?
Even if for some crazy reason you are not all that concerned about data that might exist on old hard drives, you might be legally obligated to wipe old hard drives before disposing of them. Federal regulations require companies in various industries (financial, health care, government, etc.) to dispose of old hardware in a manner that does not risk data disclosure.
Data destruction techniques
Data destruction methods for old hard drives seem to fall into two different categories; software methods and physical destruction methods.
Software based data destruction typically consists of using a special application to write patterns of meaningless data onto each of the drive's sectors. The process works by using binary flipping. A binary number is written to each sector, and then its compliment is written. For example, if the first number used is 10101010, then the second number would be 01010101. The basic idea is that bit flips need to occur with each overwrite pass.
The United States Department of Defense considers this to be a secure data destruction method for drives containing non classified data, so long as a sufficient number of overwrites are performed. Depending on the particular algorithm in use, the Department of Defense requires data to be overwritten up to 32 times before the hard drive is considered to be sanitized.
If this method is secure enough for the Department of Defense, it obviously works. The biggest problem with the technique is the amount of time that it takes to perform all of those overwrites, especially if there are multiple drives that need to be blanked.
There are a variety of hardware disk destruction techniques. Probably the technique that gets the most press is degaussing. Degaussing involves using a magnetic field to erase the drive. Unfortunately, degaussing is not quite as reliable of a technique is it used to be. Today's hard drives use thicker shielding than hard drives did in the past. This means that a degausser may or may not do a thorough job of erasing a hard drive.
The other problems with degaussing are the cost of the degausser and the verification process. After you degauss a hard disk, you must reinstall it into a PC and make sure that it really has been wiped clean. The problem is that this takes a long time to do, and it can be difficult to verify that the entire drive was degaussed if the drive's format has been removed.
Another method of hardware based data destruction is to physically destroy a drive. In the past, I have always advised friends, family, and clients to smash their old hard drives with a sledge hammer. I can say from personal experience that this method definitely works. Though there is the chance of injury from flying debris.
Along similar lines, I have heard many IT people talk about destroying hard drives by drilling holes through them. I have never personally attempted this technique, but I am told that it works well. Although this is a very popular technique, I have two initial concerns about it. One concern is whether the potential for injury exists as it does with the sledgehammer method. Another concern is that the data itself may not be destroyed, depending on where the drill penetrates the drive. I do tend to think that this is probably a reliable method though, so long as enough holes are drilled.
One last technique that I want to mention is using a commercial hard drive crusher. A company named Big Security Store is marketing a machine that is specifically designed to destroy hard drives. The destruction involves placing the drive inside a destruction chamber that's made of bullet proof glass, and pressing a button. A hydraulic piston then mangles the drive to the point that it resembles scrap metal found in a salvage yard. The entire destruction process takes about ten seconds.
I have used this machine myself and I can tell you that it works very well. The down side to the hard disk crusher though is its price. At $9,500 the unit isn't cheap. It might be worth the price though if you have a large number of drives to destroy.
As you can see, there are many different methods of destroying data. So which technique is the best? It really depends on your goal. If you want to reuse the drive after you destroy the data, then overwriting the drive in a secure manner is probably your best bet. If you want to physically destroy the drive, then I tend to lean toward using the hard drive crusher.
About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com.
This was first published in August 2006