This article can also be found in the Premium Editorial Download "Storage magazine: Is storage virtualization ready for the masses?."
Download it now to read this article plus other related content.
The troubling thing about these stories is they weren't necessarily the result of carelessness, according to the hospital's attorney and the service that uncovered the Minneapolis records. The people responsible for protecting the sensitive information may have thought they had deleted all the important files by performing a standard reformat before relinquishing the equipment, only to discover afterwards that remnants of sensitive information remained available to those who knew how to get it. PCs reassigned to new departments within a corporation can be a source of private personnel records or financial information. Similarly, hard drives swapped out in an upgrade effort may carry sensitive data with them - perhaps to people outside of your company.
Experts in data recovery techniques say that corporate financial records, personnel files,
Hard numbers showing the financial consequences of recovered data on large corporations aren't regularly compiled, and data-theft victims are reluctant to publicize their security breaches. But people in the storage industry acknowledge that public and private organizations are taking the threat seriously. To guard themselves, government agencies as well as private companies in highly regulated industries such as banking and insurance are now drafting guidelines for when and how to thoroughly cleanse storage devices, so old data doesn't suddenly reappear in unauthorized hands (see "Building a data deletion policy").
Peter Gutmann, a researcher in the Department of Computer Science at the University of Auckland, New Zealand, warns that data thieves are always searching for new ways to steal proprietary data. "One avenue of attack is the recovery of supposedly erased data from magnetic media," Gutmann says. He adds that thieves can also use powerful microscopes to look at what's buried under succeeding layers of overwritten data.
Given the gyrations computer users sometimes must undergo to retrieve an accidentally lost file, why is it so hard to intentionally destroy data? Blame the delete key. With one simple touch, any office worker can feel like an all-powerful digital ruler, nuking masses of ones and zeros into oblivion. Unfortunately, the destruction is more illusion than reality. "Deleted doesn't mean gone," says Jim Reinert, director of business development for Ontrack Data International Inc., Eden Prairie, MN, the data recovery service that helped the Minnesota TV station probe leased-computer disk drives. "Hitting the delete key on a computer only removes the reference to that file. The contents of the file are still sitting out there on the hard drive. It's like erasing the table of contents from a textbook."
Operating systems interpret the delete command as an instruction to make previously used sectors of a hard disk available once again for new information. But these newly freed areas aren't suddenly vacant; they will continue to hold the old data until it's overwritten, which typically won't happen until any remaining unused tracks become full. So, depending on the size of the storage resource, and the amount of data being saved to the device, large tracks of deleted information may remain unchanged indefinitely. Any of several commercial data recovery products, including stalwarts like Symantec's Norton Utilities, can easily bring this dead information back to life.
Even sectors that have been overwritten several times with new data can continue to reveal their secrets to sophisticated snoopers. Read/write heads on hard drives work with impressive precision to lay down data in microscopically close locations on a drive platter. But while they're precise, the heads aren't yet perfect. Miniscule gaps remain between tracks, and with the proper hardware and software, a thief can peer into these gaps to get an eyeful of information, like a burglar peeping through a keyhole.
This was first published in June 2002