Destroy Data for Security's Sake | LMG Security's Tips
Xerox PARC recently developed a self-destructing microchip that could effectively put an end to the misuse and unauthorized sharing of highly sensitive, encrypted data. The chip was developed as a part of DARPA’s Vanishing Programmable Recourses Project. It is made entirely of glass with a series of microchips embedded in its surface. If the command is made for the chip to commence its self-destruct sequence, an ion exchange tempering process will be initiated, and the glass will explode into hundreds of pieces within a couple of seconds.
While this hi-tech innovation is extremely cool, it will be a while before the technology hits the mainstream. In the meantime, here are some tips that the rest of us can use to destroy data for security or compliance reasons.
I spoke with LMG’s very own Karen Sprenger about the methods in which a person might go about destroying sensitive data, and she told me that the secure destruction of data could be carried out in two ways: technical destruction and physical destruction.
Technical Destruction
In terms of technical destruction, there are a variety of methods that people go about “destroying” their data, not all of which are actually effective. It is a common misconception that deleting a photo on your or emptying the trash bin on your laptop will equate to the removal of that media from your hard drive.
In the same line of thought, people also tend to think that doing walking overwrites of 0’s and 1’s will make it impossible for anyone to access your hard drive. LMG’s Dan Featherman explained this thought process to “ripping out the index page of your math book. Just because the index page is gone doesn’t mean that the contents of the book are gone forever.”
Although technical destruction measures are effective, as Dan explained, that is not always the most efficient way to go. There are a variety of at-home software options that will aid in your technical destruction efforts. For Windows users, Eraser is a great option.
Physical Destruction
This form of data destruction is exactly what it sounds like. Any way in which you might go about destroying physical objects will work on a hard drive. The trick with physical destruction is extremely thorough. Even if a person has set their hard drive on fire, smashed it with a sledgehammer, drilled holes into it, and then dropped it in battery acid, there is still a possibility that a part of that hard drive is still readable for a person with the right skills.
Karen suggests bringing your old hard-drive to a shredding facility, which can be found at many recycling companies. Putting your hard drive through a shredder does a great job of guaranteeing that there will not be a readable bit of hard drive left to take advantage of. Zoz gave a great presentation on physical destruction at this year’s DEFCON.
If you are worried about the security of the data stored on your hard drive, LMG Security offers digital forensics services that will allow you to know where insecure data may be found in your hard drive. If you have any questions on this topic or about our digital forensics services, please let us know by sending an e-mail to [email protected]