Wednesday, May 30, 2007

Sensitive data at Goodwill? Wipe that drive!

A recent story on caught my eye today, one that has sadly become all-too frequent: a laptop with sensitive data is in public hands.

This latest episode of an ongoing saga involves a portable computer purchased for eight dollars from a Goodwill store in Portland, Oregon. The buyer got more than their eight bucks worth when they found a spreadsheet with medical records on the used laptop. According to the report, Goodwill generally erase hard drives before reselling computers. Apparently this one fell through the cracks.

So how can you protect yourself and your data when you pass along your computer for recycling or reuse? What should you do to keep your sensitive history from the bad guys?

Wipe that drive!

And of course (or I likely wouldn't have much to blog about ;-) ), it's easier than it sounds. Sorry folks! Simply erasing or formatting your hard drive isn't quite enough. When a hard disk drive is formatted, sure it makes the drive available for re-use and shows no files found, but a clever hacker or curious computer buyer can often dig up the digital remains.

To protect yourself, and be confident the data is gone, gone I recommend the following steps:
  • Use a wipe utility that destroys the data completely -- formatting isn't enough as your files may still be hidden beneath the curtain.
  • Remove the hard drive -- take the drive out and toss it in a shoebox, recycle it seperately, or: destroy it physically (also great agression-reduction therapy!)
  • Send your computer to a computer recycle shop -- many of the specialists have policies and standards to wipe hard drives... ask when you drop off your old computer.
  • A business subject to Sarbanes-Oxley controls should ensure their IT department is following appropriate handling of used hard drives.

My favorite computer recycling facility is Free Geek and they have the type of policy you should look for to ensure your hard drive is properly wiped:
At FREE GEEK, we will never boot from a hard drive before it has been wiped of data. Hard drives we are going to keep first have their partition table removed, and then are overwritten five times in the process of testing. If we are not going to reuse a hard drive, it is physically destroyed in our facility before we send it to a responsible e-waste recycler. We do not give or sell hard drives to places that do not have a similar policy. Data on donated hard drives is safe.


I've talked about computer recycling (and Free Geek) on Portland's Morning News before, in case you missed it -- I've got an archive from my hard drive here: kxl_techexpert-recyclepc_20060724.mp3

Finally, if you're looking for tools to wipe a drive, here are a few that do the trick (Please use these tools CAREFULLY -- especially around drives with data you intend to keep, I can't be responsible for their use or misuse):


Unknown said...

bedroom furnitures should be sized up and paired with the color and type of your beddings, for seagate external hard disk visit Nayashopi

Anonymous said...


I wanted to send an email about a possible tool to use for complete data erasure. WhiteCanyon is the maker of WipeDrive, SystemSaver, SecureClean and many other software suites for data erasure as well as protecting information from falling into the wrong hands during recycling and repurposing. Please direct follow up emails to . Thank you for your time. Perhaps there is the possibility to write a new article about data destruction about our software.