The two most common ways to erase a hard drive are by formatting or wiping the drive. We look at both approaches and discuss security issues and techniques.
Perhaps you have decided to forgo system upgrades and get rid of your computer system and purchase a new one. If you’ve decided to donate your old computer to a charity, local group or school, it’s extremely important to make sure your computer’s hard drive is completely free of data.
In the “no good deed ever goes unpunished” department, you need to ensure that you don’t donate more than you planned. The last thing you want is to pass on a PC when sensitive business information, or even personal information such as stored passwords, personal documents and credit card numbers that could be retrieved. When you donate a computer, you really don’t know where it may end up or if it will go through the hands of a malicious person with the capability to restore previously recorded and deleted data.
There are many ways to go about making sure your data can never be retrieved. Obviously, you can choose to physically smash the hard drive, but there are alternatives that enable you to keep the system intact so you can donate a complete system.
Quick Tip: Wondering what some of the technology words used in this article mean? Click the hyperlinks on computer, Internet and technology words to read Webopedia’s tech term definition.
Erasing and Formatting: Just Not Secure Enough
Simply erasing all the data on your hard drive and formatting it is not enough security. You can spend hours going through your hard drive and deleting all the files and documents you want, but using the delete key on your keyboard in Windows will only remove the shortcuts to the files making them invisible to users. Deleted files still reside on the hard drive and a quick Google search will show many options for system recovery software will allow anyone to reinstate that data.
Formatting the hard drive is a bit more secure than simply erasing the files. Formatting a disk does not erase the data on the disk, only the address tables. It makes it much more difficult to recover the files. However a computer specialist would be able to recover most or all the data that was on the disk before the reformat.
For those who accidentally reformat a hard disk, being able to recover most or all the data that was on the disk is a good thing. However, if you’re preparing a system for retirement to charity or any other organization, this obviously makes you more vulnerable to data theft.
For some businesses and individual users, a disk format may be something you consider secure enough, depending, of course, on the type of data and information you saved to your computer. As long as people understand that formatting is not a 100 percent secure way to completely remove all data from your computer, then they are able to make the choice between formatting and even more secure methods. If you have decided a disk format is a good choice, at the very least to do a full format rather than a quick format.
Editor’s Recommendation: Need help understanding formatting? This Webopedia “Did You Know…?” technology article provides instruction on how to format a hard drive.
Disk wiping options (aka “data dump”)
Even more secure than reformatting is a process called disk wiping (or disk scrubbing). The term disk wiping is not only used in reference to hard drives but any storage device such as CDs, RAIDs, flash drives and other storage devices.
Disk wiping is a secure method of ensuring that data, including company and individually licensed software on your computer and storage devices is irrecoverably deleted before recycling or donating the equipment. Because previously stored data can be brought back with the right software and applications, the disk wiping process will actually overwrite your entire hard drive with data, several times. Once you format you’ll find it all but impossible to retrieve the data which was on the drive before the overwrite.
While disk wiping algorithms differ from product to product, they all will generally write the entire disk with a number (zero or one), then a reformat will be needed. The more times the disk is overwritten and formatted the more secure the disk wipe is, but the trade-off is the extra time to perform additional rewrites. Disk wipe applications will typically overwrite the master boot record (MBR), partition table, and every sector of the hard drive.
Disk wiping standards
The government standard (DoD 5220.22-M), considered a medium security level, specifies three iterations to completely overwrite a hard drive six times. Each iteration makes two write-passes over the entire drive; the first pass inscribes ones (1) over the drive surface and the second inscribes zeros (0) onto the surface. After the third iteration, a government designated code of 246 is written across the drive, then it is verified by a final pass that uses a read-verify process.
There are a variety of products available for different operating systems that you can purchase, or freely downloaded online to perform more secure disk wipes. If time to perform the disk wipe is a consideration, there are also tech security companies who offer disk wipe services.
Did You Know… In 2003 two MIT students purchased 158 used disk drives from various locations and found more than 5,000 credit card numbers, medical reports, detailed personal and corporate financial information, and several gigabytes worth of personal e-mail and pornography on those drives.
UPDATED: This article was updated April 2, 2021 by Web Webster.