EOL IT Services has now merged with tier1 Asset Management Ltd

The Delete Key Is Not A Secure Way To Dispose of Business Data

by | Oct 20, 2015 | IT Security

For the majority of us, the delete key is simply a useful tool that means the data that we no longer need is out of our way. That said, most of us rarely take a moment to think about where those files go after we have hit the button. After all, if the data is not sensitive or is for personal use it is usually not a huge concern. However, when it comes to the disposal of sensitive business data you will need to find a better and more secure, way of deletion – the delete key is not sufficiently secure. So what actually happens to data when it is disposed of using the delete key?

A common misconception is that the ‘Delete’ key erases the data, and that moving it into the recycle bin writes over the data in the file. However, this is just that: a misconception. All that this achieves is to simply move the file from one place on your computer to another. Deleting the file means that the space that it once occupied on the disk is free, but it will not necessarily be overwritten for a very long time until the disk has been reused many times. This will vary from disk to disk but, until it has eventually been overwritten, the information can be recovered.

Here’s an explanation of what a file actually is, and what happens when it is deleted:

The file consists of two parts:

1. An entry that makes a record of the name of the file and a list of the ‘blocks’ on the disk that contains the data within the said file. The operating system records the fact that these parts of the disk are currently in use.

2.The ‘blocks’ that actually contain the data content on the file.

When the file is deleted:

The ‘blocks’ that were recorded as containing data are now marked as ‘free,’ and will be made available for other files stored on the disk to use. The old record of the file on the disk is made available for new files to take its place, and the old file effectively ‘disappears’ from the folder.

But, be aware – the ‘blocks’ that contained the data content are not affected at all, meaning that the data within them remains until newer files eventually overwrite them – they can be recovered until they are actually overwritten.

How to delete your files forever

It is possible to prevent the recovery of these ‘deleted’ files and to securely overwrite the data that they contain. This is usually a simple and fast task for anyone with a little computer knowledge.

However, preventing the recovery does require specific tools. It is not a suitable default task, because for this to happen by default it would be very slow and cause wear on the disk. This would also mean that, if any important data were to be deleted by mistake, it would be difficult to recover effectively and quickly.

Implementing a Secure Data Destruction Process

From a business data perspective, all staff should be made aware of what happens when they delete a file. Ideally, you should also have a process in place for the secure destruction of sensitive data that is no longer required.

[Photo Credit:  Digital Adrian ]

Recent Stories

Does AI Fight or Facilitate Cybercrime?

Does AI Fight or Facilitate Cybercrime?

Despite the splash made by ChatGPT at the end of 2022, Artificial Intelligence and Machine Learning have been part of our daily lives for some time. We use smart home devices, chatbots, voice assistants, and Netflix recommendations with little thought as to what’s...

These 5 Sustainable IT benefits will boost your business.

These 5 Sustainable IT benefits will boost your business.

The urgent need to minimise the impact our technology has on our environment stretches far beyond the moral obligation. With the future development of our organisations in mind, if we are to continue to rely heavily on the networked technologies that simplify our...

Are Hardware Vulnerabilities Your Cybersecurity Blind Spot?

Are Hardware Vulnerabilities Your Cybersecurity Blind Spot?

As cybercriminals commonly target software vulnerabilities, the assumption is easily made that cybersecurity threats come in the form of phishing, malware or ransomware. Consequently, corporate cybersecurity strategies can neglect the very foundation of the network,...