Did you know that deleted data from a computer's hard drive can be recovered because when a file is deleted, the data isn’t permanently erased from the media? You are probably wondering what we mean by that statement. You see, data recovery software can scan the disk for residual data fragments to reconstruct the deleted files. Such tools look for data patterns or file headers to identify and recover files even after deletion. Here are explanations on how data deletion works and advice on best practices to permanently delete your data to mitigate possible recovery from ill-intentioned parties.
When a file is deleted, the operating system marks the space the file occupies as “available space” for new data rather than removing the actual data. The file’s entry in the file system’s directory is removed, but the data remains on the physical storage medium until it is overwritten. In addition, the file system maintains metadata such as file names, sizes, and locations, to track files. Deleting a file removes its metadata, making the file inaccessible through normal means but specialized recovery tools can reconstruct this metadata to make the data accessible again. It’s important to understand that hard drives store data in binary form, in other words: in 0s and 1s formats. Even when a file is "deleted," the actual magnetic or electronic representation of the data still exists until it is overwritten. If you truly want to permanently delete data, use secure erasure tools that overwrite the data multiple times with random patterns. Keep in mind that even with the physical destruction of the storage medium, data may still be recoverable.
Data wiping tools overwrite the hard drive with random patterns, making data recovery nearly impossible. Look into a bootable tool that securely wipes the entire drive for example. A commercial tool that issues a certified secure erasure is also a good idea. The U.S. Department of Defense has a standard referred to as the “DoD 5220.22-M method”, suggests overwriting the data three to seven times with specific patterns. There are tools that offer this method as a built-in feature. Alternatively, encrypting the entire drive before deletion adds an extra layer of security. If the encryption key is lost, the data becomes unreadable, even if some fragments remain. You can encrypt your drive by using means like BitLocker and FileVault.
It's a good idea to verify that the hard drive is effectively wiped. To do so, you can use mechanisms like TestDisk to confirm that the data is no longer recoverable. For data that absolutely must not be recoverable, physically destroying the drive after wiping it adds another layer of security. Here are ways to physically destroy a hard drive:
Drill through the platters or SSD chips.
Use an industrial shredder.
Smash the drive by breaking it with a hammer, ensuring all parts are damaged
For magnetic drives, use a degausser to disrupt the magnetic field.
Most importantly, remember to practice ecology by properly disposing of the media and its electronic parts at certified e-waste facilities.