Does your company leave data behind?
Just because data is deleted, does not mean it can’t be recovered. In this day and age, data can be extremely valuable, and it is important to keep your company’s confidential information safe. Hard copies of information, such as paper, can be shredded or destroyed to prevent this information from getting into the wrong hands. Soft copies, or data stored on hard drives, mobile devices, etc., can be physically destroyed by shredding or incineration as well. However, this is not a viable method if the intent is to reuse these electronics.
Clearing overwrites all areas on a storage device with new values, such as zeroes. This protects against simple, non-invasive data recovery techniques.
Clearing can be an appropriate method if the intent of reuse is internal to an organization.
Purging is a method used to render data unrecoverable, even using advanced recovery techniques. This could mean encrypting data with a key whenever it is saved on a device. When the data is to be erased, the key is destroyed; leaving no way to access the stored data.
A device should be purged of all data if the device will be re-used outside of an organization. If no reuse is planned, physical destruction of the media should be performed.
- In PowerShell, the Remove-Item command can be used to delete files. This can be specified to certain locations, file types, etc.
PS C:\Users\user> Remove-Item -Path “C:/Users/temp/Desktop/file.txt” -force
- The item has now been removed and sent to unallocated memory.
- Next, the cipher command can be used to encrypt drives, files, or directories. This includes unallocated memory (which is now on the C drive in our case).
PS C:\Users\user> cipher /w:C:
- The result: file.txt has been deleted, and the resulting unallocated memory has been encrypted. Now this file is unrecoverable even with advanced recovery techniques.