Does your company leave data behind?
Just because data is deleted, does not mean it can’t be recovered. Today, data can be extremely valuable, and it is important to keep your company’s confidential information safe. Hard copies of information, such as paper, can be shredded or destroyed to prevent this information from getting into the wrong hands. Soft copies, or data stored on hard drives, mobile devices, etc., can be physically destroyed by shredding or incineration as well. However, this is not a viable method if the intent is to reuse these electronics.
Clearing overwrites all areas on a storage device with new values, such as zeroes. This protects against simple, non-invasive data recovery techniques. Clearing can be an appropriate method if the intent of reuse is internal to an organization.
Purging is a method used to render data unrecoverable, even using advanced recovery techniques. This could mean encrypting data with a special access. When the data is to be erased, the key is destroyed; leaving no way to access the stored data.
A device should be purged of all data if the device will be re-used outside of an organization. If no reuse is planned, physical destruction of the media is recommended.
- In PowerShell, the Remove-Item command can be used to delete files. This can be specified to remove from specific locations, file types, etc.
PS C:\Users\user> Remove-Item -Path “C:/Users/temp/Desktop/file.txt” -force
- After running this command, the item has now been removed from the file system and sent to unallocated memory.
- Next, the cipher command can be used to encrypt drives, files, or directories. This includes unallocated memory (which is now on the C drive in this case).
PS C:\Users\user> cipher /w:C:
- The result: file.txt has been deleted, and the resulting unallocated memory has been encrypted, making this file unrecoverable even with advanced recovery techniques.