Securely erasing data

4. November, 2021

Deleting data sounds easier than it is. The Delete command usually moves the file to the Recycle Bin: a specially created folder where deleted documents or folders are collected and from which they can be recovered by mouse click.

According to the system notice, even if the recycle bin is emptied and the data is “irrevocably deleted”, it is not gone. They’re just not so easy to discover anymore. If you want to permanently delete sensitive data to not be recovered, you need more effort and care.

Overwrite hard drives or data

Before data carriers that contain sensitive data can be discarded or passed on, they must not only be deleted but overwritten in accordance with data protection. Also, formatting the hard drive is not enough to destroy previously stored data.

The process in which free space is overwritten with random numbers so that previously-stored information is no longer traceable is also called zeros or shredding [1]. The overwrite can be applied to individual files or entire storage media with the appropriate amount of time. Since a simple overwrite can be reverted, it should be repeated several times. Corresponding wipe tools take over this task for classic hard disks.

Delete SSD hard drives and cards

SSD cards, which are installed primarily, but not only in mobile devices such as mobile phones, smartphones or cameras, work according to a different principle than HDDs and require another solution. Usually, this is provided in “Secure Erase” tools by the manufacturer itself. Also, the firmware of the device may provide a remedy.

However, the operations described do not offer 100% security either: memory areas of hard drives and SSD cards, to which the controller does not have direct access, for example, because it has been marked as damaged, are not always reliably deleted or overwritten by these measures and could still retain recoverable data. It should also be noted that overwriting SSDs reduces their lifespan.

Data protection thanks to encryption

An alternative to deleting and overwriting data is data encryption. If the memory is not directly accessible – for example, on mobile devices – and therefore not possible to delete it safely, encryption can provide a remedy. Current Apple devices use the feature automatically when a code lock is set for the device.

On Android, the option “Encrypt phone/tablet” can be activated manually so that the data can no longer be created without the appropriate key (PIN, pattern or similar). The “Security Advisor” function of the free security app IKARUS mobile.security warns when device encryption is disabled. Attention: Any additional memory cards must also be encrypted for safe use of the function! However, this card is fixed to the device and can no longer be used elsewhere.

“Encryption is also an interesting addition to deleting or overwriting data on hard drives or SSD cards”, recommends IT security expert Konstantin Kofler: “Even if data can still be read out, it is encrypted and therefore unusable.”

Destroy hard drives and memory cards

Even in the case of physical destruction of a terminal device or memory, errors must be avoided and care taken: The individual components must be thoroughly and irrecoverably destroyed, e. g. by multiple shredding. Data can often be recovered even from severely damaged data carriers.

If you want to be on the safe side, you can delete, overwrite or encrypt the hard disk even before physical destruction.

External backups and cloud storage

If not only devices and storage media are to be cleaned up, but also data should be deleted, backup data should not be forgotten. In cloud services, in particular, access depends on the security of the access method. If data is stored in plain text somewhere in the cloud, information may also be recoverable from this page.

For example, Mozilla Firefox and Google Chrome offer the option to set up additional encryption of sync data between multiple devices that are shared via the cloud. External backup hard drives or USB sticks can be encrypted with appropriate tools and protected against external access. Since September 2021, WhatsApp has also supported encrypted backups that cannot be recovered without the corresponding password.

It is also useful to check how the backup works and can be protected for other services. For important cloud services hosting backups, a 2-factor authentication is strongly recommended to prevent unauthorized access.

Red Teams, Blue Teams, Purple Teaming

Living Off the Land attacks

MSSP of the Year 2024

SIEM

What is a SIEM?

Nozomi Guardian Air
HarfangLab Guard
MITRE ATT&CK Framework
v.l.n.r.: Joe Pichlmayr (CEO IKARUS) – Anouck Teiller (CSO HarfangLab) –Alexander van der Bellen (Bundespräsident Österreich) - Frédéric Joureau (Erster Botschaftsrat der französischen Botschaft in Wien) – Christian Fritz (COO IKARUS)
EDR
Cyber Kill Chain
Business Email Compromise
Prognosen für die zehn größten Cybersecurity-Bedrohungen für 2030
E-Mail Verschlüsselung
Schritt für Schritt zum Notfallplan für IT-Security-Incidents
Account Management
Bedrohung

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500
sales@ikarus.at

SUPPORT HOTLINE

Support hotline:
+43 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download