By Victor Ng, 12 Mar 2008
A notebook, presumably because of a hard disk problem, is sent for servicing. The data in the hard disk is recovered, and the technician allows incriminating data to fall into the hands of the wrong people. As a result, a major scandal arose.
Following the Edison Chen scandal - which rocked the Asian celebrity scene and provided rich fodder for the tabloids and Web forums - questions have arisen as to how data storage professionals could retrieve information even after files have been deleted, and hard drives reformatted or even damaged. Many users depend on us to provide simple answers and help.
While the tabloids have had a field day (for many days now), as the dust settles, the fact remains that best practices for data deletion, backup and recovery are critical both for issues of privacy as well as reputation, be it for companies and individuals. We have to ensure that data we need are accessible and backed up, and made only accessible to the people who should have access to it, while ensuring that data that are no longer required, but which can pose a threat to business or personal security, should not fall into the wrong hands.
Adrian Briscoe, General Manager for Kroll Ontrack in the APAC region, offers some answers and advice that storage professionals would do well to pass on to business end-users. Kroll Ontrack provides products and advice for data deletion to both individuals and companies across the world, in addition to performing over 50,000 recovery jobs per year.
Q. Why isn't deleting files enough to ensure no one gets to your files?
A. Hitting delete or reformatting is not enough if you want to get rid of your data permanently. Even after files are placed in a computer's recycle bin and the drive has been reformatted, data can still be recovered with ease by anyone with a little technical knowledge. This is because the act of deleting files or reformatting only removes the entries in the index or the table of contents that point to the data. It order to get rid of data for good, you will need to use a data wiping utility, such as Ontrack Eraser which overwrites all traces of data stored on a device, making data reconstruction impossible. There are many other data wiping tools available but it is important to remember that you get what you pay for.
Q. In some cases, data can be retrieved from damaged media. How is that possible and how is it done?
A. Kroll Ontrack has a team of expert engineers who are able to recover data in a vast majority of the 50,000 cases that they see every year. How much of the data can be retrieved depends very much on the damage caused and this varies on a case-by-case basis. If damage has been caused to the outer casing for example or the data has been exposed to water, even if oil has been poured into a hard drive, it is still perfectly possible to extract the information needed.
There are a number of downloadable tools available for restoring data from improperly wiped devices. When dealing with physically damaged media, however, it is always recommended that it be sent to a certified data recovery specialist for repair. This should never be attempted by an amateur as it can greatly increase the chance of the data being damaged beyond repair, rendering it impossible to retrieve.
Q. What are some of the steps average computer users should take if they want to ensure privacy of their data?
A. Before disposing or recycling unwanted hardware, users should ensure that they have used a data wiping utility from a reputable company and not simply hit delete or reformatted their hard drive. Many of these are available over the Internet at reasonable cost or, in some cases, for free. In order to ensure that the data really has gone, a tool such as Ontrack Data Eraser should be used.
If a computer contains confidential information, home users should ensure that this is backed up on to an additional device such as a USB stick or external hard drive before wiping the internal memory. If being sent for repair, users should always ensure that a professional vendor is used with a reputable name before handing their device over.
If your hardware has failed and it was not wiped beforehand, degaussing is another way forwards. This is basically an extremely powerful magnet which will completely ensure that all data has gone and 100% not recoverable. This can be done by sending your media to an expert like Kroll Ontrack and requesting the service.