Tuesday, March 31, 2009

Shredding files [2/4]: Shredding empty space

Once you understand that there are shadow copies of your files of value, you get it that it's useless to shred files, as is often recommended, though.

So what's next, how to ensure your files are not recovered? At this point in our reflexion, the problem is that there are confidential bytes in the "empty" space of the hard drive. So, some software provide a tool to "shred" the whole of the empty space. Here, we mean that it will browse the full length of the empty part of the disk and cover it with random patterns, to remove all chances of recovery of the previous data.



The good point is: theoretically it works. The bad point is: practically, it's unmanageable because it means using those random patterns on the size of the empty space of your hard drive. Like dozens of gigabytes. So it takes very long.

The good practice becomes: tell your top management to bring in their laptops for a good shred, before they go to a risk area (like travelling abroad to negotiate contracts). The bad practice is: present your executives with the tool and tell them to do it themselves regularly.

1 comment:

  1. These are good practices for Security Shredding, especially when top management usually do not find the time for this to be done and generally nor are competent in its application. So I agree about including an external body or personnel to provide this security.

    ReplyDelete

I can read French, English, German and Romanian, please feel free to write in whichever language you prefer.