Any material I've come up with for data destruction standards relate to completely wiping (ATA Secure Erase) and physically destroying hard drives, but I haven't been able to find much about standards for destroying individual files. Are there such standards, and if so how can they be properly followed?
Asked
Active
Viewed 4,432 times
3 Answers
11
1) With modern filesystems, there is no more concept of securely deleting an individual file. It might have been copied around, snapshotted, written to a different location upon editing, etc.
2) With modern drives, there is no deletion / wipe without confirming it. Some drives have had a Secure Wipe command flat-out lies to you, returning immediately while doing nothing.
- See SSD (Flash Memory) security when data is encrypted in place
- Use Full Disk Encryption.
- Pretty much forget about the concept of securely deleting a file and knowing it is really gone. Even with a freespace wipe, you've still got cache files, preloads, snapshots, slack space (though some utilities wipe that)...
Jeff Ferland
- 38,090
- 9
- 93
- 171
6
HIPAA regulations, as far as I can tell, do not specifically address the destruction of individual electronic files.
Under HIPAA, you have an obligation to ensure that PHI does not fall into the wrong hands. You can best accomplish this by protecting systems and networks, not individual files.
George Cummins
- 161
- 4
3
Wiping an individual file is much harder than wiping the whole disc, because of the number of places that parts of that file may end up.
Depending on the file system you have things like slack space; journalling; page files; fragments; etc etc.
DanBeale
- 2,064
- 3
- 18
- 27