Home SecurityOS Security How to protect and safely erase data on Windows devices

How to protect and safely erase data on Windows devices

by

Years ago Microsoft listed the 10 laws of security, and law three states that if a bad guy has unrestricted physical access to your computer, it’s not your computer anymore. Thus, it’s critical to destroy hard drives and other media in recycled equipment.

On our office’s electronic waste day, we got rid of several old servers, workstations, phones and other equipment that at one time stored sensitive information. Some of it was BitLockered, but the rest was old enough not to be.

A hammer ensures information is unreadable, but that method doesn’t scale to drives in a remote data center. So, you need to look for alternatives. NIST 800-88 details the options you have to ensure that you safely can destroy the information on the media. 

BitLocker and self-encrypting hard drives give you one option. If you know whether the data was added to the hard drive before or after it was encrypted, you might be able to quickly make the drives unreadable. In the case of self-encrypting hard drives, you can change the existing password (i.e., the data encryption key) and the data is no longer readable.

The process is called crypto erase and has been approved by ISO and NIST as an acceptable data sanitization method. If you use crypto erase, test the process to ensure you can’t recover data by sampling wiped drives.

Copyright © 2019 IDG Communications, Inc.

Source link

Related Articles

Leave a Comment

This website uses cookies to improve your experience. We will assume you are ok with this, but you can opt-out if you wish. Accept Read More

%d bloggers like this: