3 Ways to Destroy Your Data

May 23, 2011 - 2 Comments

You could be putting your company at risk by disposing of old data and storage media improperly.

At some point, all data must be destroyed. If you’re replacing outdated computers, servers, or storage media, like tapes, then you need to purge all the business data that currently exists on those devices. Also, there’s some data you need to wipe after a certain period of time so your company remains compliant with federal privacy legislation. When you want to destroy data, you need to go beyond simply dragging a folder on your desktop to the trash can.

There are three sure-fire ways to make sure data can never be pulled off a decommissioned hard drive or backup tape, according to the National Institute of Standards and Technology (NIST). In a chapter on security considerations in The NIST Handbook, NIST says, “three techniques are commonly used for media sanitization: overwriting, degaussing, and destruction.” These techniques can be used just as easily by small businesses as large companies.

1. Overwrite your hard drives. Overwriting your drives is more than simply selecting a file and deleting it. You need to overwrite each area of the disk several times; NIST recommends overwriting the hard drive three times. Several programs are available to help you overwrite your hard drives, including two  freeware utilities, Secure Erase and Eraser. Overwriting your hard drives lets you reuse them but is less secure than degaussing your storage media.

2. Degauss your hard drives and backup tapes. Degaussing means to demagnetize; so, degaussing as a data destruction method magnetically erases data from your magnetic storage media, like hard drives and backup tapes. This method generally makes the media unusable after it destroys the data, which is fine when the media has reached the end of its useful life. If you choose this method of data destruction, you can hire a service for either on-site or off-site degaussing. Look for a provider that complies with standards set by both NIST and the National Industrial Security Program (NISP) as well as any federal legislation that applies to your company, such as the Sarbanes-Oxley Act or the Health Insurance Portability and Accountability Act (HIPAA).

3. Destroy your hard drive and backup tapes. The most secure way to destroy data—and the storage medium it’s on—is by shredding it, just like your paper documents. The large, industrial shredding machines grind up the storage media into unrecognizable bits of scrap metal. You can hire a shredding service to come to your office and shred your hard drives and tapes on site, under your supervision, so you can be assured that no one accessed any of the data before it was shredded. If possible, find a service that recycles the scrap metal. As with a degaussing service, a shredding service should be compliant with all federal security standards.

A few data destruction don’ts

It must be said: Don’t rely on the delete function to erase your data. Deleted data can still be retrieved from hard drives and tapes, which can be a huge security risk if you just toss that media into the nearest waste bin. In addition, you can’t trust the format function to fully erase your data. Just as there is software that can restore deleted files, there is software that can retrieve old data on re-formatted disks. Even taking a hammer to an old hard drive might not completely destroy it—unless you smash it into an unrecognizable mash of metal and plastic.

How are you destroying your company’s data?

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. With havin so much written content do you ever run into any problems of plagorism or copyright infringement? My site has a lot of exclusive content I’ve either created myself or outsourced but it appears a lot of it is popping it up all over the web without my authorization. Do you know any methods to help prevent content from being stolen? I’d definitely appreciate it.

  2. Thank you for this post. Data Killers has been in the business of providing data destruction services nationwide for over 6 years. I thought you might be interested in this information on degaussing.

    Degaussing is the process of decreasing or eliminating an unwanted magnetic field. It is named after Carl Friedrich Gauss, an early researcher in the field of magnetism.
    Data is stored in the magnetic media, such as hard drives, floppy disks and magnetic tape, by making very small areas called magnetic domains change their magnetic alignment to be in the direction of an applied magnetic field. This phenomenon occurs in much the same way a compass needle points in the direction of the earth’s magnetic field. Degaussing, commonly called erasure, leaves the domains in random patterns with no preference to orientation, thereby rendering previous data unrecoverable. Degaussing renders hard drives and LTO tapes unuasable but DLT’s can be reused. Degaussing does not work on SSD’s.