Data security nowadays is a burning issue, not only for companies and government agencies, but rank and file people as well. In the world of high tech, it is quite a challenge to destroy information, especially when you have no idea how to do it. We are all well aware of recent notorious trials, when the only evidence determining the outcome of the process was the data resurrected from a magnetic device.
According to various studies over 40% of all discarded magnetic storage devices do still contain personal and classified info that as you can already guess, can be and is used not in the owner's favour. Besides, constant hardware upgrades make the problem even more complicated than ever.
Actually, data security is a two-sided problem. It is to be made clear, that providing confidentiality implies not only information to be stored properly, but also be destroyed according to certain rules.
Many people believe the misconception that repartitioning a disk will result in complete destruction of its contents. Actually that is not quite so. Repartitioning the drive only alters references to partitions in the Partition Table, leaving all file data intact. In fact, there are a number of programs available to successfully recover previously deleted partitions.
Formatting a drive also does not guarantee data destruction. Formatting procedure implies modification of the Master File Table (MFT) that keeps track of where file contents are stored on the disk and verification of each sector for consistency. Even a low-level format does not actually erase the file contents for good, since they can still be resurrected from their deleted state with minimal effort by using the popular today Magnetic Force Microscopy technology. MFM is an effective tool to magnetic investigations on sub micron scale. The only way to make sure that all the data has been erased from a magnetic device is to overwrite all on-disk sectors with random patterns.
Although this sounds complex, there is an easy way to do this.
The process of deliberately, irreversibly removing or destroying the data stored on a memory device (magnetic disks, flash memory drives, etc.) is generally known as Data Sanitization.
A device that has been sanitized has no usable residual data and even advanced forensic tools should not ever be able to recover it, thus providing maximum level of security.
Government and military agencies are deeply worried by the fact how easily deleted information can be recovered particularly taking into consideration classified and top secret issues. That is why there has been developed a number of disk sanitizing standards.
Complete Care Consultancy LTD sanitise to the following regulations :
- US DoD 5220.22-M. US Department of Defense recommends to overwrite all addressable locations with a character, its complement and then a random character. Finally, the target data area is to be verified;
- US Navy standards NAVSO P-5239-26.
- NAVSO P-5239-26 for RLL encoded drives;
- NAVSO P-5239-26 for MFM encoded drives;
- British HMG Infosec Standard No.5. At first to write a single character pattern, then its complement and then a random character. Finally, the target data area is to be verified;
- German VSItR Standard. Overwrite the deleted information 7 times with specific patterns. Finally, the target data area is to be verified;
- Australian ASCI 33. Overwrite with a character (C), then verify. Overwrite with -C (the first pass character's inverse), then verify again. Overwrite everything with both C and -C once again but without verification. Fill everything with random characters.
- Russian GOST R 50739-95. Destroy information by a single pass with writing random characters into each sector byte.
Peter Gutmann's algorithm. A whopping 35 passes, with 27 random-order passes using specific patterns combined with eight passes using random patterns;
- Bruce Schneier's algorithm. Two passes of specific patterns followed by five passes using a cryptographically secure pseudo-random sequence;
- Paragon's algorithm.
- Overwrite each sector with a forcefully randomized 512-byte string, new for each sector, using CSPRNG (cryptographically secure pseudo-random number generator).
- Overwrite each erased sector with its complement.
- Overwrite each sector with a 512-byte string (CSPRNG), again forcefully randomized and different from the first pass, and new for each sector.
Finally, the target data area is to be verified. | 
Complete Care Consultancy Produce Certificates Of Data Sanitisation in accordance with the guidelines set at the bottom of this page.
