Connect with us

Security

How to securely erase the data off your iPhone or iPad, Android device, Windows PC, hard drives, SSDs, and flash drives

Published

on

Making sure that your personal information is safely and securely erased from devices that you are no longer using is a good thing. Here’s a quick guide to securely wiping hard drives (HDDs), solid state drives (SSDs), flash drives, and even iOS and Android devices.

Just bear in mind that these erasure methods are permanent, and there’s no undo. If you don’t have a backup of your data, it’s gone forever.

Must read: iPhone, iPad, and Mac buyer’s guide: July 2019 edition

Wipe drive using Windows

Yes, you can wipe a drive using the Windows format command.

Fire up a Command Prompt and type:

Format volume /P:passes

Where volume is the drive letter, and passes is the number of format passes you want to make.

For to wipe d drive with 4 passes, use the following:

Format d: /P:4

Under Windows 8 and Windows 10, the wipe passes use random numbers to overwrite data on the disk (on previous versions 0 were used).

You can also wipe the drive that Windows is installed on by booting from a Recovery Drive and choosing the Troubleshoot > Advanced options option to access Command Prompt.

Built-in way to erase iOS and Android devices

Built-in way to erase iOS and Android devices

iOS and Android devices both have built-in tools to erase the devices.

  • On iOS: Settings > General > Reset and then tap Erase All Content and Settings.
  • On Android: Settings > Backup & reset > Factory data reset and then tap Reset phone or Reset device.

You can also securely wipe the devices remotely using Find My iPhone for iOS or the Google Account associated with the Android device.

Price: Free

The hands-on method

The hands-on method

Not sure how to erase a device? I guarantee you that if you get a big enough hammer and spend enough time hammering, this will work on anything!

This method also works great if you just want to destroy drives before you take them to the recycling plant. It’s also a great stress reducer!

You will need:

  • A hammer (I use my trusty 32oz “fine adjustment” hammer)
  • A thick nail (a 6-inch nail will do fine)
  • Thick gloves – because you’re going to be hammering that nail through the drive using the hammer, and hammers seem to be magnetically attracted to thumbs
  • A block of wood — so you don’t nail the drive through your floor (it’s preferable to do this outside if you can)
  • Eye protection — you’ve only got a maximum of two to start with, so it’s silly to take chances!
  • Now you apply brute force. Ideally you want to put a nail through the platters of the drive, going all the way through (it’s actually not as hard as it sounds). I aim for the spot marked by the red X on hard drives.

Alternatively you can use a power drill to make holes, but make sure that you have a way to securely hold the drive, for example, using a vice. Don’t hold the drive in your hand because if the drill bit catches and the drive starts to spin — or “helicopters” — on the end of the drill then there’s a real risk of injury.

Another thing to bear in mind is that the data in SSDs is held on small flash storage chips rather than large platters, and to securely erase the data you need to smash the chips. Usually, this means taking the cover off the drive before you start swinging.

If you’re not sure which are the flash storage chips, just drive a nail through all the large chips to be on the safe side.

Price: Free

What about storage that’s defective but under warranty?

What about storage that's defective but under warranty?

The time that wiping storage devices gets complicated is when the device is broken or malfunctioning in some way.

For example, a hard drive that dies, or a storage card that can no longer be accessed.

What do you do if you have to return something under warranty but there’s data stored on the device?

Well, things get complicated.

You could rely on the face that the device is dead, and that your data is inaccessible, but that’s probably not the case. Data can be recovered off most storage devices if you are willing to throw money at the problem. You might not be able to get access to it, but someone else could.

If this is something that you’re worried about then the best thing to do is to ask your vendor in advance what their policy is and buy based on what the answer you get is. Some will point you to a privacy policy, others will allow you to physically destroy the device before returning it (common for smaller items like microSD cards and the like). Sometimes, as is the case with a PC or external storage system, you might be able to remove the drives before returning the device for repair (assuming it’s not the storage that’s died).

Another option open to for many devices is to encrypt all your data. If the data on your PC, external storage, or flash drive is encrypted (and the encryption is legit, and assuming you’ve chosen strong passphrases and the like), then the data is likely unrecoverable to third parties.

Use high-end storage with built-in data destruct features

Use high-end storage with built-in data destruct features

High-end encryption devices — such as the Apricorn Aegis Secure Key 3z — will have a built-in data destruct feature where you enter a PIN code or run a program that will securely wipe the device.

PIN code data destruction is especially handy because after you enter the PIN the device destroys the encryption key and appears blank boots up, offering plausible deniability.

StarTech 4-bay drive eraser

StarTech 4-bay drive eraser

If you have a lot of drives to erase, you need a professional piece of kit that can keep up with the demands that you’re going to place on it.

This hard drive eraser provides standalone, simultaneous drive erasing for up to four 2.5-inch or 3.5-inch SATA hard drives or solid-state drives.

Unlike hard-drive docking stations or adapters that require a computer connection and software to erase drives, this hard drive sanitizer features standalone erasing that doesn’t require a host computer. This avoids the hassle of connecting your drives to a host computer and protects your drives from external security threats like remote data access.

The four-bay design maximizes efficiency by batching multiple drives in single erase projects, saving you valuable time. The hard drive eraser supports USB 3.0, also known as USB 3.1 Gen 1, with file transfer rates of up to 5Gbps.

Price: $815 | More information

DBAN – Darik’s Boot and Nuke

DBAN - Darik's Boot and Nuke

This is the default tool that most people who have the odd drive to erase turn to. I’ve used this tool to wipe thousands of drives and found it to be both thorough and very effective.

While DBAN is an awesome tool, it’s important to understand its limitations. Here is what the new owners of DBAN, Blancco Technology, have to say:

“While DBAN is free to use, there’s no guarantee of data removal. It cannot detect or erase SSDs and does not provide a certificate of data removal for auditing purposes or regulatory compliance. Hardware support (e.g. no RAID dismantling), customer support and software updates are not available using DBAN. Should you need to erase data from a SSD or require a certificate of data removal, request a free trial of Blancco Drive Eraser.”

Price: Free | More info/download

PARTED Magic

PARTED Magic

Another way to do this is to use a software tool called PARTED Magic.

While PARTED Magic is not free (price starts at a reasonable $11), it is a very effective tool, and one of the best I’ve used for wiping SSDs, as well as the depth of information it offers.

This tool also does a lot more than data erasure:

  • Data cloning
  • Benchmarking
  • Disk partitioning
  • Data rescue
  • System stability tester

Price: $11 | More info/download

Blancco Drive Eraser

Blancco Drive Eraser

This is the go-to tool for professional, certified, drive erasure.

Guarantee your data has been erased from any drives, including complex SSDs in desktop/laptop computers, servers and storage environments with the most certified and patented data erasure solution.

Includes advanced features such as:

  • Patented solid state drive (SSD) erasure (Patent No. 9286231).
  • Erases data permanently from multiple HDDs/SSDs simultaneously
  • Automates the hard drive wiping process to remove system BIOS free locks
  • Local and remote deployment
  • RAID dismantling and pass through
  • Identifies false positives during internal data erasure processes
  • Provides digitally signed certificate of proof of secure erasure for auditing
  • Compliant with state, federal and international data privacy regulations and guidelines, including ISO 27001 and ISO 27040

Price: $18.46 per erasure | More info/download

Blancco Mobile Device Eraser

Blancco Mobile Device Eraser

Blancco mobile and phone wiping software allows organizations, mobile service providers and resellers to permanently erase all data from smartphones and tablets running on iOS, Android, Windows Phone and BlackBerry operating systems.

Securely wipes iOS, Android, Windows Phone and BlackBerry operating systems
Quickly erases data on up to 50 mobile devices simultaneously
Automatically selects the fastest and most effective data erasure method
Provides digitally signed certificate of proof of data erasure for audit trail purposes
Compliant with state, federal and international data privacy regulations and guidelines, including ISO 27001 and ISO 27040

Price: $13.52 per erasure | More info/download

Wiebetech’s Drive eRazer Ultra

Wiebetech's Drive eRazer Ultra

The WiebeTech Drive eRazer Ultra is a stand-alone device that completely and quickly cleans hard drives. Simply connect a drive to the Drive eRazer Ultra and it will sanitize the drive faster than using software, and without tying up your computer.

The Drive eRazer Ultra leaves the drive ready for safe re-use, and comes with a dozen different preset erase procedures, including US Department of Defense graded methods for data wiping.

Additional features:

  • Simple setup and operation with LCD and menu buttons
  • USB port for drive previewing and deletion confirmation
  • Serial label printer connector
  • Rugged aluminum construction
  • 3-year warranty
  • Free US-based customer support

Price: $249 | More info

ProtectStar Data Shredder

ProtectStar Data Shredder

I like ProtectStar Data Shredder software because it works across the board — Windows, Mac, iOS, Android, even Apple TV.

This tool meets and exceeds government, military and industry standards for the permanent erasure of digital information and erases all existing data up to top-secret security level data.

Price: Depends on version and platform | More info/download

Encrypt the whole drive

Encrypt the whole drive

One of the easiest — and certainly the cheapest — ways to erase data on a device is to encrypt the entire drive with a complex passphrase. You can use built-in tools such as BitLocker on Windows or FileVault on macOS, or a third-party tool such as or third-party VeraCrypt. Encrypt the drive with a strong throw-away passphrase and you’re done.

No passphrase, no data.

You can then format the drive, from which point it should be sterile and ready to accept a reload of the data.

Price: Free | More info/download

Erase using manufacturer utilities

Erase using manufacturer utilities

Another way to erase SSDs is to use the manufacturer utilities. Here are some links to get you started.

Price: Free

See also:

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Key Criteria for Evaluating Security Information and Event Management Solutions (SIEM)

Published

on

Security Information and Event Management (SIEM) solutions consolidate multiple security data streams under a single roof. Initially, SIEM supported early detection of cyberattacks and data breaches by collecting and correlating security event logs. Over time, it evolved into sophisticated systems capable of ingesting huge volumes of data from disparate sources, analyzing data in real time, and gathering additional context from threat intelligence feeds and new sources of security-related data. Next-generation SIEM solutions deliver tight integrations with other security products, advanced analytics, and semi-autonomous incident response.

SIEM solutions can be deployed on-premises, in the cloud, or a mix of the two. Deployment models must be weighed with regard to the environments the SIEM solution will protect. With more and more digital infrastructure and services becoming mission critical to every enterprise, SIEMs must handle higher volumes of data. Vendors and customers are increasingly focused on cloud-based solutions, whether SaaS or cloud-hosted models, for their scalability and flexibility.

The latest developments for SIEM solutions include machine learning capabilities for incident detection, advanced analytics features that include user behavior analytics (UBA), and integrations with other security solutions, such as security orchestration automation and response (SOAR) and endpoint detection and response (EDR) systems. Even though additional capabilities within the SIEM environment are a natural progression, customers are finding it even more difficult to deploy, customize, and operate SIEM solutions.

Other improvements include better user experience and lower time-to-value for new deployments. To achieve this, vendors are working on:

  • Streamlining data onboarding
  • Preloading customizable content—use cases, rulesets, and playbooks
  • Standardizing data formats and labels
  • Mapping incident alerts to common frameworks, such as the MITRE ATT&CK framework

Vendors and service providers are also expanding their offerings beyond managed SIEM solutions to à la carte services, such as content development services and threat hunting-as-a-service.

There is no one-size-fits-all SIEM solution. Each organization will have to evaluate its own requirements and resource constraints to find the right solution. Organizations will weigh factors such as deployment models or integrations with existing applications and security solutions. However, the main decision factor for most customers will revolve around usability, affordability, and return on investment. Fortunately, a wide range of solutions available in the market can almost guarantee a good fit for every customer.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

Continue Reading

Security

Key Criteria for Evaluating Secure Service Access

Published

on

Since the inception of large-scale computing, enterprises, organizations, and service providers have protected their digital assets by securing the perimeter of their on-premises data centers. With the advent of cloud computing, the perimeter has dissolved, but—in most cases—the legacy approach to security hasn not. Many corporations still manage the expanded enterprise and remote workforce as an extension of the old headquarters office/branch model serviced by LANs and WANs.

Bolting new security products onto their aging networks increased costs and complexity exponentially, while at the same time severely limiting their ability to meet regulatory compliance mandates, scale elastically, or secure the threat surface of the new any place/any user/any device perimeter.

The result? Patchwork security ill-suited to the demands of the post-COVID distributed enterprise.

Converging networking and security, secure service access (SSA) represents a significant shift in the way organizations consume network security, enabling them to replace multiple security vendors with a single, integrated platform offering full interoperability and end-to-end redundancy. Encompassing secure access service edge (SASE), zero-trust network access (ZTNA), and extended detection and response (XDR), SSA shifts the focus of security consumption from being either data center or edge-centric to being ubiquitous, with an emphasis on securing services irrespective of user identity or resources accessed.

This GigaOm Key Criteria report outlines critical criteria and evaluation metrics for selecting an SSA solution. The corresponding GigaOm Radar Report provides an overview of notable SSA vendors and their offerings available today. Together, these reports are designed to help educate decision-makers, making them aware of various approaches and vendors that are meeting the challenges of the distributed enterprise in the post-pandemic era.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

Continue Reading

Security

Key Criteria for Evaluating Edge Platforms

Published

on

Edge platforms leverage distributed infrastructure to deliver content, computing, and security closer to end devices, offloading networks and improving performance. We define edge platforms as the solutions capable of providing end users with millisecond access to processing power, media files, storage, secure connectivity, and related “cloud-like” services.

The key benefit of edge platforms is bringing websites, applications, media, security, and a multitude of virtual infrastructures and services closer to end devices compared to public or private cloud locations.

The need for content proximity started to become more evident in the early 2000s as the web evolved from a read-only service to a read-write experience, and users worldwide began both consuming and creating content. Today, this is even more important, as live and on-demand video streaming at very high resolutions cannot be sustained from a single central location. Content delivery networks (CDNs) helped host these types of media at the edge, and the associated network optimization methods allowed them to provide these new demanding services.

As we moved into the early 2010s, we experienced the rapid cloudification of traditional infrastructure. Roughly speaking, cloud computing takes a server from a user’s office, puts it in a faraway data center, and allows it to be used across the internet. Cloud providers manage the underlying hardware and provide it as a service, allowing users to provision their own virtual infrastructure. There are many operational benefits, but at least one unavoidable downside: the increase in latency. This is especially true in this dawning age of distributed enterprises for which there is not just a single office to optimize. Instead, “the office” is now anywhere and everywhere employees happen to be.

Even so, this centralized, cloud-based compute methodology works very well for most enterprise applications, as long as there is no critical sensitivity to delay. But what about use cases that cannot tolerate latency? Think industrial monitoring and control, real-time machine learning, autonomous vehicles, augmented reality, and gaming. If a cloud data center is a few hundred or even thousands of miles away, the physical limitations of sending an optical or electrical pulse through a cable mean there are no options to lower the latency. The answer to this is leveraging a distributed infrastructure model, which has traditionally been used by content delivery networks.

As CDNs have brought the internet’s content closer to everyone, CDN providers have positioned themselves in the unique space of owning much of the infrastructure required to bring computing and security closer to users and end devices. With servers close to the topological edge of the network, CDN providers can offer processing power and other “cloud-like” services to end devices with only a few milliseconds latency.

While CDN operators are in the right place at the right time to develop edge platforms, we’ve observed a total of four types of vendors that have been building out relevant—and potentially competing—edge infrastructure. These include traditional CDNs, hyperscale cloud providers, telecommunications companies, and new dedicated edge platform operators, purpose-built for this emerging requirement.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Vendor Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

Continue Reading

Trending