Wiping Data from HDDs and SSDs: Why It May Not Be Enough
For SSDs, data risks are even higher. Due to wear leveling, it's much harder to ensure every bit of data is overwritten. In 2011, researchers from the University of California, San Diego discovered that most commercially available SSDs still contained recoverable data even after multiple overwriting cycles.
The Shortcomings of Encryption
- Key Mismanagement: If encryption keys are not properly destroyed, data recovery is still possible.
- Outdated or Weak Encryption: Older encryption methods can become vulnerable as computational power increases.
- Human Error: Encryption is subject to human error — forgotten partitions or improper execution can leave data recoverable.
- Encryption Misuse in SSDs: Research has shown many SSD self-encrypting drives are still vulnerable to attacks that bypass the encryption entirely.
The Risks of Reselling Data-Carrying Devices
In 2015, a Blancco Technology Group report found that 78% of used drives purchased from second-hand markets still contained recoverable personal data, despite having undergone data deletion.
Why Physical Destruction is the Most Secure Option
The only way to guarantee that data is irretrievable is through physical destruction. Shredding hard drives physically breaks platters or memory chips into small pieces, making it impossible to recover the data.
Conclusion
While wiping and encryption may seem like sufficient solutions, these methods come with significant risks. For companies handling sensitive information, physical destruction using NTERA's technology is the gold standard for ensuring data is truly irretrievable.