Confused about what data erasure is and what it is not? Read on to get a clear understanding of data erasure and the various myths associated with it. The EU General Data Protection Regulations (GDPR), CCPA – California Consumer Privacy Act, Senate Law in New York, and similar laws in different countries have devised strict norms for user data protection. These regulations have laid down the mandates for secure and compliant handling of user data, including customer data in organizations’ custody.
Failure to comply with these data protection laws can lead to substantial financial penalties, legal action, and even imprisonment. Also, there is a default risk of brand damage and customer loss. Technology giants like Facebook and Google have already paid massive fines for data breaches under these new data protection laws.
Given this need for secure and compliant handling of user data across its lifecycle, various data destruction practices have emerged at an industrial level. Data destruction means permanent desensitization of the information to make it unreadable (illegible) to any method. The purpose of data destruction is to avoid its leakage or exposure for protecting the privacy of the data subject (user).
Data erasure is a data destruction technique based on overwriting the bits of information with binary patterns to render it unreadable. It is a prevalent media sanitization technique gaining prominence in the ITAD industry and enterprises. Given the growing scope & impact of data protection laws, this article enlightens you on the top 4 myths of data erasure. The purpose is to help you make an informed decision towards attaining failsafe regulatory compliance and data privacy.
Myth 1: Formatting Erases the Data Completely
Fact: No, Formatting does not erase the data beyond recovery.
If you intend to get rid of the data entirely beyond recovery, especially when you want to donate your old computer to charity or discard it, formatting your hard disk is not a secure option. Formatting the device will not delete or remove your stored data permanently; the data still resides in the storage drive, and a DIY software like Stellar Data Recovery can get back the data from a formatted hard drive or SSD easily.
Formatting is a process of wiping the storage partition table and unlinking the data in the file system. It re-indexes the file system for reusing the drive. Although the user feels that the data has gone as it becomes invisible, technically, the data resides in the media. A free DIY data recovery software can retrieve the data.
Therefore, formatting is un-secure and can lead to data leakage and breach.
Myth 2: Deleting Helps Get Rid of Data
Fact: Not at all; deleting is highly unsafe and can lead to data leakage & breach.
Deleting a file or any data from your computer merely removes the file linkages with the memory locations in the file system. This fact is true even when you empty the Recycle Bin. Deleting files and then emptying the Recycle Bin is a classic case of ‘out of sight, out of mind’. The file vanishes from your sight – you can no longer trace it. So, you feel secure, believing that it has been permanently destroyed. That is why it is a myth. The deleted files remain stored on your disk, be it HDD, SSD, or other external storage media. You may not be able to see them any longer, but they remain recoverable. A DIY free data recovery software can get back the deleted files emptied from the Recycle Bin.
So, deleting is a highly unsafe method to get rid of files, especially if you are giving away your old PC, laptop or drive, or selling it off in the secondary market or donating for charitable reasons. Even if you hand it down to someone you know, it is best to erase all your data first to ensure that the old data does not haunt you.
Why take a risk? It indeed makes far more sense to wipe all your data using BitRaser while you still have control.
Myth 3: SSD Can Be Degaussed
Fact: Degaussing does not destroy the data stored on SSDs.
Degaussing is a process based on neutralizing the magnetic field of electromechanical storage media such as hard disk drives to destroy the data. In such a transformation, data gets destroyed beyond recovery.
However, that happens only on traditional hard disks. Degaussing does not work on solid-state drives (SSDs). The process of data storage on SSDs is principally different from the way traditional electromechanical hard disks store data. Data storage on SSDs is not magnetic. SSDs use flash memory chips to store the data. No magnetic coating is necessary for these chips.
Degaussing is almost a golden rule for data destruction on traditional hard disks because they store data magnetically. SSDs do not. It’s as simple as that.
Myth 4: Shredding Destroys the Data
Fact: Shredding may not guarantee protection from forensic recovery techniques.
Shredding is a physical destruction method based on disintegrating or severing the storage drive into smaller dimensions, typically in the size range of 2–30 mm, rendering the data unrecoverable. The method relies on destroying the storage media such that it is nearly impossible to read or extract the underlying data.
But, there are possibilities that shredding may still leave behind some portion of the storage media such as the platter in a dimension conducive for forensic extraction of the data. Technical lapses may also happen when a relatively small data storage element, such as the NAND chip in an SSD slips past the grinder or is only partially destroyed, leaving open the possibility of data extraction using state-of-the-art techniques.
Ending On a Reinforcing Note
Now that you have a better grip on data erasure, ensure destroying all the sensitive data before discarding your old computer. You may like to read more on secure drive wiping software.