
April 2014

How to Securely Erase Removable Media Using Windows 7

In a companion post, How to Securely Erase Removable Media Using Mac OS X, I explain how physical loss, theft or improper disposal of laptops or removable drives is the most common data breach of electronic personal health information. Disclosure of personal identifying or health data is too frequent an outcome of leaving our data on laptops or drives we lose, discard, or sell. Several ways exist to protect these data: encryption, data destruction, archival, or secure erasure.

Encryption does protect data, but once you lose physical possession of a drive, time favors the criminal or attacker. If he feels the improperly disposed data are sufficiently valuable, he can try commercial or custom software to recover encrypted data. Data destruction is permanent, but there's little resale value in shredded drive particles. Archival is only as effective as the physical security measures you employ.

While "encrypt your data" is good advice, secure erase raises the difficulty of recovering sensitive data even further. Secure erase "writes over" the actual contents of your volume, not just the "metadata" that describes them. 
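The difference between clearing metadata and overwriting contents, shown as an added Python example that is not from the original post and is not how KillDisk or CCleaner are implemented. It works on a constructed temporary image file; the layout, `MARKER`, the pass patterns and all function names are assumptions made for illustration.

```python
import os
import tempfile

CHUNK = 1 << 16                     # I/O unit for writing and scanning
META = 512                          # constructed layout: first block stands in for the file table
MARKER = b"PATIENT-RECORD-0001"     # constructed sample data, not a real record

def make_image():
    """Stand-in 'drive': metadata block, filler, MARKER straddling a chunk edge, zero padding."""
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(b"notes.txt".ljust(META, b"\0") + b"\xaa" * (CHUNK - META - 7) + MARKER + bytes(CHUNK))
    return path

def overwrite(path, passes=(b"\x00",)):
    """Write every byte once per pass; a pass is a 1-byte pattern, or None for random data."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for pattern in passes:
            f.seek(0)
            for start in range(0, size, CHUNK):
                n = min(CHUNK, size - start)        # last chunk may be short
                f.write(os.urandom(n) if pattern is None else pattern * n)
            f.flush()
            os.fsync(f.fileno())                    # force this pass out before the next one

def find_residue(path, needle):
    """Offset of needle in the image, or -1; a carried tail catches matches that span chunks."""
    tail, base = b"", 0
    with open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            buf = tail + chunk
            hit = buf.find(needle)
            if hit != -1:
                return base - len(tail) + hit
            tail, base = buf[len(buf) - len(needle) + 1:], base + len(chunk)
    return -1

def demo():
    path = make_image()
    try:
        with open(path, "r+b") as f:
            f.write(bytes(META))                    # ordinary delete: only the metadata is cleared
        after_delete = find_residue(path, MARKER)   # the record is still readable
        overwrite(path, passes=(None, b"\xff", b"\x00"))
        return after_delete, find_residue(path, MARKER)
    finally:
        os.remove(path)
```

`demo()` returns the offset where the record survives the metadata-only delete, then `-1` once the contents have been overwritten. On flash media such as thumb drives, wear leveling can leave stale copies in blocks that a host-side overwrite never addresses, so a clean scan shows only what is readable through the normal interface.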

Securely erasing removable drives before disposal or resale makes sense. It’s easy to do using any of several programs available for Windows 7. I'll explain how to securely erase a laptop/PC internal drive using Active@ KillDisk and then explain how to securely erase removable media using CCleaner. If you don't like either of these, try the recommendations at PC World or Tech Republic.

Securely Erase Windows 7 Laptop Internal Drives Using KillDisk

Microsoft advises that if you want to securely erase the internal drive of a Windows 7 laptop before you sell or trash it, you should first use Backup and Restore or Windows Easy Transfer to save your data. If you don't want to deal with secure erase, Microsoft suggests that you choose a certified third party to refurbish your laptop (or PC). This might be a good choice if you're going to dispose of computers or drives in quantity, but it's relatively simple to perform this task from a bootable external medium (CD, DVD, USB drive) using Active@ KillDisk.

Begin by downloading the zip archive from Active@. Unzip the archive, then use the ISO to USB application to create a bootable external drive. Restart your laptop/PC, but hold F12 after the restart begins to force a boot device menu where you can choose your USB drive. KillDisk autolaunches following boot. Choose the drive you wish to erase, choose the erase option (note that the free version only zeroes out data), then press F10 to erase. Remove the USB drive when KillDisk completes, then hit F1 to quit.

If you're a business with data protection (specifically, remanence) obligations, KillDisk has a certificate-issuing feature that may help you demonstrate compliance with a rule or regulation.

Securely Erase Removable (USB) Drives Using CCleaner

I use the Drive Wiper Tool of Piriform's CCleaner to securely erase a removable pen/thumb drive or external drive from a Windows 7 laptop or PC. CCleaner has several other features you may find helpful over time as well. To securely erase a drive, launch CCleaner, then:

1) Choose Tools, select your Wipe and Security options, choose the disk you wish to securely erase, then click on the Wipe button...


2) CCleaner asks you to confirm that you really want to wipe the drive you've selected:


3) A 7-pass secure erase of a 4 GB thumb drive takes an hour or so on my 2.4 GHz laptop, so I generally do this as a background task.


4) For comparison, a 35-pass secure erase of the same drive can take much longer. I would do this overnight.


You can also use this method if you remove the internal drive of a laptop or PC you are retiring and mount it in a USB drive enclosure. It's often not necessary to retire a laptop and everything in it at the same time. Drives may outlast a laptop’s utility, especially if an expensive component other than the drive fails or is damaged. And if the drive does fail, I suggest you either keep it or destroy it.

Should I Bother?

If you have drives or removable media on which you've stored personal identifying information, healthcare information, sensitive business data, or confidential or classified data, whether yours or others', you should at least encrypt these data. Secure erase may seem like overkill, but all you're investing is a few minutes to configure Disk Utility. The rest is simply a matter of devoting idle CPU cycles to an effective privacy measure.


Top 5 #Infosec Reads April 21-25, 2014

by Matt Piscitello

New Google Technology can solve CAPTCHA Puzzles

CAPTCHA, a technique meant to tell humans apart from bot programs, can now be deciphered by Google's Street View technology with near perfect accuracy. The results of this research suggest that we need to update our methods of verification, or even add new layers of security.

How to Securely Erase Removable Media Using Mac OS X

Lost or stolen laptops or removable drives can be serious security incidents. Disposing of or selling a laptop or removable drive without securely erasing the data is just as serious. Learn how to securely erase drives using the Disk Utility that comes with Mac OS X. 

The Heartbleed Recovery Starts With You and Me

Although Heartbleed took advantage of flaws in OpenSSL, the incident is a sign of how effective open source software development really is. The OpenSSL project only has one full-time developer and the rest are volunteers, yet they're doing more for the software development community than it realizes. If a minuscule number of engineers are working on open source and can address and resolve an issue shortly after it's discovered, think of what a fully staffed organization could accomplish.

Data Breach Discovery Takes 'Weeks or Months'

Businesses reportedly drag their feet when it comes to recognizing and reacting to data breaches, which is made worse by the fact that the most prevalent attacks follow relatively few patterns. Organizations and users alike need to recognize that no one is immune to data breach and that the responsibility of protecting oneself and others falls to every web user.

WhatsApp flaw leaves users open to spying

WhatsApp has owned up to a security flaw that leaves location data unencrypted and exposes users to man-in-the-middle attacks. WhatsApp has made strong claims about privacy in the past, and came forward as soon as the issue was discovered. According to SC Magazine UK's Tim Ring, "this is the latest in a series of security problems that the company currently faces."