Secure Data Deletion

Posted on by Ben Rothke

The law of conservation of energy is that energy remains constant; it can be neither created or destroyed. It simply transforms from one form to another. While not a perfect analogy, data on a hard drive or other physical media is quite difficult to completely transform to the state of fully erased.

While many have lost files and been unsuccessful in retrieving them, for an information security professional, the goal is often to ensure that the data is eliminated (sanitized is the official term) without the possibility of retrieval.

Secure data deletion is the process of deleting data such that it’s irrecoverable from the physical media it was on. For nearly every software program or system, secure data deletion is not the default option. In fact, it’s often not even an option.

In Secure Data Deletion (Springer 978-3319287775), author Joel Reardon has written the definitive reference on the topic. Other books have had chapter on the topic, but here, Reardon, a postdoctoral researcher at the International Computer Science Institute (ICSI) at the University of California Berkeley, has written a formalized and systematized approach to the secure deletion of data.

This is not the book for those looking for a list of products for file or drive sanitization. This is actually the book that the developers of such software and hardware solutions should be using to design their systems—and to ensure their products can indeed perform as described.

At the organizational level, enterprises need to determine how aggressive an approach they need to take for secure data deletion. To help in that process, the book lists several taxonomies of adversaries, which is extremely helpful in creating a formal risk-based approach to the issue.

The book opens with the story of the Macy’s 2012 Thanksgiving Day parade, where sensitive personal data fell from a New York City office building. Someone in the New York Police Department had shredded paper and used it as confetti. It turns out that the papers were from shredded police case reports. The papers were shredded horizontally such that entire stretches of text (names, social security numbers, arrest records, etc.) were fully legible. It is likely that the documents were shredded to securely delete the sensitive data they contained, and as an aside for confetti. The incident illustrates the challenges of data deletion in the physical world, which shows how difficult the task is at the hard-drive level.

I found the section on flash drive memory deletion to be of interest. Flash memory has its unique set of challenges when it comes to data deletion due to the way data is written, stored and updated. This poses a special challenge for those designing deletion hardware and software systems.

The book is a fascinating read for anyone who wants to understand the significant challenges in deleted data from various forms of media. This is a book best suited for those designing data destruction software and hardware systems.

Deleting data from media is not a trivial task. Designing systems to do that is even harder. As such, it’s quite easy to do wrong. In Secure Data Deletion, Reardon has written the definitive reference on doing it right.

Ben Rothke

Senior Information Security Manager, Tapad

risk management

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs