We've shown you how to hide your data, as well as ways to encrypt it. But what about data that you're done with – those files and folders that you don't want anyone to ever, ever see? You have to destroy them. And if you think that's as simple as dragging items to the Recycle Bin icon on your desktop, and then emptying it, think again.
In other words, thanks to the way computers work, data is not gone for good without some extra work on your part. Hard drives and operating systems make you think data is deleted after you empty the trash, but it isn't. The space is just available for new files. Anyone with the right forensic tools – yes, think CSI if you want – can typically revive data you thought you had got rid of.
Luckily, you can recover deleted data too. So when you accidentally delete a file, it doesn't have to be a disaster. But if you want that data truly destroyed, you have to shred it and overwrite where it lived (a few times for good measure), and then you can go on in peace, even if you sell the drive later.
Nuke it: Hard drive wipe
If you're going to pass an old hard drive on to someone else and you want to make sure the data that used to reside on it is never seen again, you need to securely wipe it with a digital tool that will overwrite the disk several times in order to make it impossible to recover the data.
Overwriting usually comes in a couple of forms: The Gutmann method, which calls for overwriting data 35 times, and the US Department of Defence’s recommended method, which is seven overwrites. In addition, there's the Pseudorandom Number Generator (PRNG) Method, which uses random data in just four overwrites. Guess which one takes the longest? Doing 35 overwrites on a large-sized hard drive can take days. Literally.
You’ll be absolutely fine with just a few overwrites. In fact, the Gutmann method performs operations that might not even work with modern hard drives, so stick to a small number of overwrites.
(Note: You probably don't have to go through this palaver if you're just going to reinstall the OS for yourself. A simple disk format should be fine).
A perfect – and free – tool for the job is Darik's Boot and Nuke (DBaN). You can download the software as an image and write it to a DVD or USB flash drive, and then boot your computer with DBaN as the temporary OS with one mission: Keep writing over the disk until it's done. You can pick a quick erase, DoD method (three or seven passes), PRNG, Gutmann, or even a data sanitisation method created by the Royal Canadian Mounted Police that will do one to seven passes.
Note that if you’re not going to sell the drive on, or use it again yourself, in other words, if it’s destined for the trash – or the recycling depot, rather – then you can simply hit the hard drive with a hammer. Repeatedly. This is a very easy method of data wiping (though mind your thumbs). Keep hitting the drive until the platters break, and it sounds like a rattle when you shake it – by that stage, nobody will be recovering anything from that disk.
Shredders: Selective data wipes
There's no lack of file shredding programs out there. What they promise to do is make sure a file is actually deleted when you choose delete. They overwrite the spot where the file(s) once lived on the hard drive, to ensure that forensic software can't recover the data. Just be aware that the overwrite adds time to file deletion, so you may experience some lag when you do a secure wipe.
Also, don't neglect the importance of free space scrubbing, where software looks at the supposedly empty space on your hard drive and scrubs it clean. If you are going to sell your computer, for example, you can format the drive, reinstall the OS, and then use the free space scrub to ensure no one ever restores your old files.
These days, many security suites include secure file deletion utilities, so it’s worth looking through the menus of your suite to see if that’s an (already installed) option. Otherwise, you can look to a third-party tool – or the OS, in the case of the Mac.
Yes, OS X actually has a selection under the Finder menu called Secure Empty Trash, so you can do exactly that with whatever you dragged to the trash. You can also go into Finder Preferences and choose to always empty the trash securely if you want.
If you’re using Windows there are numerous options. A couple of free utilities include Hard Disk Scrubber for both free space scrubs and selective shredding, and Eraser, which can even run on a schedule you set. There’s also DeleteOnClick, which allows the user to right click and delete a file right away (once the scrubbing is done).
If you simply want to wipe your empty disk space, one of our favourite tools for cleaning up the crap in Windows is Piriform's CCleaner. You can set this to happen automatically with each clean or manually run the Drive Wiper from the tools menu. As with any wipe, if you've got a big drive with lots of space, you'll be waiting a while.
What about online files?
What about all the data you have in the cloud? What are the options for permanent deletion of that data?
Take Google Drive, for example. Google says it's easy to delete a file: Just right click on it, select Remove, then click on the Trash, and click the Empty Trash button. Voila, it’s gone. But did you make sure the file was no longer shared? Did you, in fact, even own the document in question? You'll need to remove other owners, editors and viewers before you can even get as far as moving it to the trash. Even then, you can't count on it being gone. How do you really know what’s going on in Google’s servers? As far back as 2007, it was reported that Google left an image of your document available on its servers – the very image it would make available via a URL for shared viewing.
Here's the smartest thing you can do: If your files are truly sensitive, DON'T PUT THEM IN THE CLOUD. Sure, storing data with Google Drive or SkyDrive is not exactly the same as putting pictures on Twitter, by any means, but all it takes is one unscrupulous person to intercept something you don't want to share. Then you've lost control of your own data.