Main page

Points on information storage and security

Store files securely. The ways of information lost; free doesn't mean blank - wipe free disk space; Wipe sensitive files from hard disk!Today is the age of high technology and revolutionary achievements in the computing equipment area, also in important data and information. And now the question occurs, the question of how to keep this information safe and secure.

At present IT-corporations invests millions of dollar in development of information security techniques. But the only problem is researching how to make public information accessible to all users, and confidential data accessible only to whom itís intended.

In business, government and private area there are a lot of great volumes of confidential and secure information. It stores in computerís databases on hard disk. This information is a real value, and its loss in many cases may exert influence on state security.

The ways of informationís lost

In early years there was necessity for immediate access to storage media to get sensitive information. The network appearance was creating newer techniques for both recording data on the media and for getting access (also hidden from a user) to sensitive data. This pushed to research a lot of hardware and software methods of getting information from PC and networking. Networking with direct Internet access have turned out much weak.  

Sign up for the free QuickWiper email newsletter.†

The ways of information getting loss are directly based on techniques of treating, storing, moving and erasing of data.

1.       Information loss with replacement serviceable HDD.

Fast obsolescence of computer technologies is already established phenomenon. Each two years (under Moore's law) the personal computer double the capacity. After change of two generations of the personal computer, it does not represent any value and it is inexpedient to support technically and by software. As a rule, personal computers pay off for 4 years, and it means, that the IT-companies should replace 25 % of computer park within each year. That computers replacement may employ with cases listed below.

  • Remove computer to another working place with lower technical requirements.

  • Sell computer as Ďsecond handí.

  • PC as gift to someone (schools, funds, etc)

All this cases means old computers (also hard disks) removes with all the data, defense of which cost some money and time.

2.       Hidden ways to lose information.

  • Spyware, viruses and trojans. If your computer has ever been infected by a virus, and no matter what you did - even reformatting the disk space - the virus would not go away and kept coming back to wreak havoc on your PC. The reason is that the virus is hiding in a part of your system that is inaccessible by the operating system and most anti-virus software. 

  • Industrial espionage.  

  • Networking. Itís simplest way to open access to intruder.

3.       Information loss at replacement faulty hard disk.

One more and very important channel of information loss is a faulty hard disk. In ĎOntrackí opinion - the world leader on restoration of the information on faulty HDD - the hardware failures of disk are guilty in 78 % of cases of data loss. Modern technologies of information storage on magnetic carriers develop very fast. Modern hard disk space store in 500 times more information, than 10 years ago. The density of storage of the information and speed of rotation of magnetic plates has rised, but, unfortunately, such parameter as HDD reliability, has considerably changed for the worst. So, practically all HDD manufacturers give up 3 year guarantee to one-year.

Most of hard disks break during the guarantee period and should be replaced on a guarantee. And there is no opportunity to consider the information from a disk, to copy it on other carrier or to erase it. In this case the firm-seller exchanges hard disk with the information on a new carrier, and the faulty disk is sent to the manufacturer or placed on a long storage. Huge quantity of information, including sensitive, is getting by irrelevant persons.  

What disk space hides

While not only laws, but also the hardware, forbidding or interfering non-authorized access to the confidential information exist, removal of the data with disk allows the interested person not only to bypass security systems without of external attributes displaying, but also make it practically lawfully.

Many users know that simple file deleting or even reformatting disk space doesnít remove data. Just once saved, information on disk space is very hard to erase from magnetic memory of the hard disk. Thatís why harmless replacing of computer or transferring it to another person is a simplest way to open of restricted access information.

Except confidential information, about which users know (accounting, financial, personal, perspective development), a set of other confidential data not always known to the operator can be stored on the disk space, usually named as free. Applications and operating systems store passwords, keys of enciphering and other data with the limited access in various places of hard disk, including files of a configuration and temporary files. Operating systems arbitrarily save contents of memory in a file on a disk (i.e. swap-file) that does not give an opportunity to learn, that from these data is really kept on a disk space.

Now a problem is the software installed on personal computers. Practically all licensed software cannot be transferred with old hardware without licenses. Therefore the requirement on removal of licensed software at sale or transfer of out-of-date computers remains.

Substantive provisions of protection of the information stored on hard disk

Maintenance of reliable destruction of the sensitive information at the end of  hard disk life cycle demands careful study of safety information issues.

Erasing of the data from disk space does not provide protection of the information. Process of information defense should be based on a number of the coordinated techniques finally providing high probability of destruction of the information.

Though any of techniques cannot guarantee 100 % reliability of destruction of the information, there are substantive provisions and conditions of protection of the information.

  1. Necessity of physical protection of HDD (from non-authorized access).

  2.  Regular control and accounting. It means tracking carriers leaving operation, the control of process of destruction of the information and drawing up the report on deviations in this process and admitted errors.

  3.  Using of standardized applications and techniques to wipe the information on HDD. Important thing is to wipe free disk space.

  4. Regular check of process of destruction of the information on carriers.

  5. Periodic control of reliability of destruction of the information.

  6.  Accounting on every destroyed disk.

This techniques must provide highest security level for sensitive information stored on hard disk drive.

Related articles:

  • Points on information storage and security. At present IT-corporations invests millions of dollar in development of information security techniques. But the only problem is researching how to make public information accessible to all users, and confidential data accessible only to whom itís intended.

  • Short review on non-software methods of destruction of the information on hard drives. Sometimes, when the highest reliability is needed, itís using mechanical and other methods of destruction of the information, when HDD is breaking as oneself.

  • Secure delete file and clear disk space. All kinds of information is stored in computers as a files. Each file takes some place on a hard disk. And the first (and main for our issue) problem is you never know where itís placed, and how much disk space it occupy.

  • Disk space: free doesnít mean blank. Letís repeat, when you delete sensitive files from a disk on your computer, Windows does not erase the contents of these files from the disk - it only deletes 'references' to these files from file system tables. Contents of the deleted file continue to be stored on the disk space and can be easily recovered using any unerasing utility.

Made in Devoler