infoTECH Feature

December 14, 2010

Ways to Securely Erase a Hard Drive

Do you ever have to dispose of old computers or return leased PCs at your company? If so, then one of your No. 1 priorities should always be to securely wipe each hard drive to make sure none of your business data ends up in the wrong hands.

As all good IT pros should know, simply deleting or reformatting a hard drive doesn’t securely get rid of the data. Someone determined enough can still use a recovery tool to revive the partitions on the drive and access sensitive files.

I recently covered a story in which an audit of NASA discovered that the agency had failed to properly remove sensitive information from certain hard drives. And I’m in the process of wiping the hard drives from a couple of older PCs that I plan to sell or give away. With this in mind, I thought it’d be helpful to discuss a few tools that you can use to securely erase a hard drive.

HDDErase

Also known as Secure Erase, this tool from CMMR (the Center for Magnetic Recording Research) is a DOS-based program that securely “sanitizes” the data on your hard drive. Unzip the downloadable file HDDEraseWeb.zip and you’ll find a file called HDDErase.iso, which you can easily burn onto a CD using a couple of processes that I explained in a previous column.

Booting up the computer with the CD then presents you with a DOS-based menu offering four choices. On my test PC, choices 2 and 3 created a RAM (News - Alert) drive from which I was able to run the hdderase.exe file from a command prompt. The tool takes you through a series of messages and confirmation screens until you get to the point where you type the designation for your drive, typically P0, for the primary master drive. At this point, you may also find that your PC’s BIOS prevents you from running HDDErase, but the program offers an easy bypass for this.

After rebooting to get past the BIOS lockout, HDDErase asks you if you want to opt for a “secure erase” or “enhanced secure erase.” The enhanced secure erase overwrites your drive multiple times and therefore takes longer to run. Unless you have extremely sensitive or classified data on your hard drive, you can go with the regular secure erase. On my PC with a 120GB hard drive, the secure erase took about 45 minutes to complete. Though HDDErase can be cumbersome to use with its multiple menus, it definitely gets the job done.

DBAN

Another popular disk erase tool is Darik's Boot and Nuke, also known as DBAN. Like HDDErase, DBAN will securely and completely delete the data on your hard drive to render your files unreadable. You download a file called dban-2.2.6_i586.iso, which you can then burn onto a CD. Booting up the computer with the CD presents you with a menu that offers several choices. You can read the documentation, view a list of commands, run the program in interactive mode, or kick into automatic mode. Running the program in interactive mode gives you the ability to choose the type of erasure method you wish to use and how many times you want the drive to be wiped. Automatic mode just chooses the default methods and kicks off right away. One bit of advice here: if your PC has a media card reader, you’ll need to disable it in the BIOS before you can run DBAN, otherwise the program will hang. The size of your drive and the number of times you set for the wipe will determine how long the erasure takes, but once it’s done, you’ll have a clean and secure disk.

Sdelete

Microsoft (News - Alert) provides its own file erasure tool called Sdelete, courtesy of the folks at Sysinternals. Sdelete is actually geared more toward fully erasing individual files and folders that have already been deleted in Windows. But if you’ve already reformatted the hard drive, you can use Sdelete to securely wipe all the free space on that drive. And since the tool adheres to Department of Defense standards, you can rest assured that all your data will be gone and your hard drive secure. You can copy the sdelete.exe file to a bootable CD or USB stick. Running the command sdelete –z followed by the drive letter will then clean all free space on your drive.

Whichever tool you choose to wipe hard drives at your company, just be sure to securely erase those drives before any computer leaves your business.


Lance Whitney is a journalist, IT consultant, and Web Developer with almost 20 years of experience in the IT world. To read more of Lance's articles, please visit his columnist page

Edited by Tammy Wolf
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers