Definitely deleted: How to guarantee your data is truly gone before recycling old PCs and drives

There are other things you need to do to make sure your deleted files are gone for good.

Deleted files can often be recovered, and that's a problem when you're passing your PC or PC-related tech along to someone else. Whether it's sensitive financial data, business documents, or scandalous photos that could be used to blackmail you, you probably don't want people getting their hands on your private stuff.

Fortunately, you can take steps to protect your data, whether you're getting rid of a PC, external hard drive, or USB stick. Here's how! (And here's how to wipe mobile devices clean.)

Mechanical hard drives vs. internal solid-state drives vs. external drives

Deleted files can be recovered from some types of drives, but not others. Here's a quick summary of how different drives handle deleted files.

Mechanical hard drives: Old-school mechanical hard drives--the kind with a spinning magnetic platter--are still used in PCs. If your PC doesn't have an SSD, it has a mechanical hard drive. Files you delete from these drives can be recovered. When you delete a file from such a drive, the drive just marks the file's data as deleted. Until it's overwritten in the future, people can scan the drive and recover the marked-as-deleted data.

Internal solid-state drives: Solid-state drives use a feature called TRIM. When you delete a file from a solid-state drive, the operating system informs the drive that the file was deleted. The drive then erases the file's data from its memory cells. This is done to speed things up--it's faster to write to empty cells--but it has the benefit of ensuring files you delete from internal SSDs can't be recovered.

External solid-state drives and other removable media: TRIM is used only for internal SSDs. In other words, if you have an external SSD in an enclosure and you connect it to your computer via USB, TRIM won't erase files you delete. This means deleted files can be recovered from that external SSD. Deleted files can also be recovered from USB flash drives, SD cards, and other types of removable media.

More background: SSDs vs. hard drives vs. hybrids: Which storage tech is right for you?

If you have a PC with a solid-state drive, you just need to reinstall your operating system to erase your data. If you have a PC with a mechanical drive, you'll need to ensure your drive is wiped before reinstalling your OS. If you have an external drive, you'll need to wipe that, too.

Reset your PC With Windows 8

For many years, geeks had to use third-party tools to wipe their mechanical drives before disposing of them. Windows 8 added a feature that makes wiping deleted files and restoring your operating system much easier.

Use the Reset Your PC feature in Windows 8 or 8.1 to reset your PC to its factory state. You'll be able to choose a "Fully clean the drive" option when going through this process. Windows will overwrite your drive with junk data and then reinstall the Windows operating system. Afterwards, you'll have a like-new system without any recoverable files. Yes, it's really that simple.

Wipe your drive and reinstall Windows 7

Windows 7 doesn't have this wiping feature built-in. If you just reinstall Windows 7 on your PC using a Windows 7 installer disc or your PC's recovery feature, your drive won't be wiped. Deleted files could theoretically be recovered from your drive.

To avoid this, you'll want to use a disk-wiping tool like Darik's Boot and Nuke (DBAN) before reinstalling Windows. This tool wipes your computer's hard drive by overwriting it with junk data. If you're disposing of the PC or internal drive, you're done--you can leave the PC in this state. If you're passing along the PC to someone and want to give them a working copy of Windows, you can then reinstall Windows on the PC and pass it along.

For a full rundown of DBAN and other secure erasure tools, check out PCWorld's guide to securely erasing your hard drive. Be careful when using tools like DBAN! They will overwrite an entire drive, including any recovery partitions and other data you might want to keep. Back up any data you want to keep before wiping your drive.

Clean external drives

Perform a full format of an external drive to wipe away any deleted files. To do so, connect the drive to your computer, right-click it in Windows Explorer or File Explorer, and select Format. Be sure to uncheck the Quick Format box to perform a full format-- a quick format won't fully erase the deleted files from your drive. Repeat this process for each drive you want to wipe.

On Windows XP, data could be recovered from a drive even after a full format. Starting with Windows Vista, Microsoft says a full format will overwrite your drive's data. There's no way to perform a full format from Windows 7's installer, so that's why you have to use a tool like DBAN when reinstalling Windows instead of using the normal Format option.

You can also use other dedicated drive-wiping tools. For example, CCleaner includes a Drive Wiper tool under Tools > Drive Wiper.

Wipe free space

If you've already reinstalled Windows and don't want to wipe your drive and reinstall Windows again, you can try using a tool that wipes a drive's free space, which should obliterate any leftover data left lurking in the shadows. For example, CCleaner's Drive Wiper tool can wipe only the free space on a drive if you'd like.

Just wiping a drive's free space isn't an ideal solution, however. If you have any sensitive files that haven't yet been deleted, CCleaner won't touch them. A full drive wipe is more fool-proof because it ensures everything on your drive is wiped away before you set up a clean system from scratch.

Check your work: Try to recover deleted files yourself

Use a file-recovery program like Recuva, created by the same people who make the popular CCleaner utility, to test whether you can recover any deleted files from a drive. Recuva scans your internal or external drives for deleted files, displays information about them, and allows you to recover them. Be sure to perform a "Deep Scan" when prompted--it's slower, but will find more bits of deleted files. If you wiped the drives properly, Recuva should find no files you can recover.

Recuva performs the same sort of trick an attacker would use to recover your data. Of course, some attackers--particularly criminal organizations that target businesses--may use more advanced disk forensics tools to get at that sensitive business data.

Use encryption to protect all your files

Set up encryption on your drive if you're deeply worried about people recovering your deleted files. Encryption secures all your files, including both current files and deleted files. You can enable encryption with the BitLocker feature built into Professional versions of Windows or the free TrueCrypt that works on all versions of Windows. TrueCrypt can create encrypted containers or encrypt entire drives.

You'll have to provide an encryption passphrase to access your files, which will be saved to your drive in encrypted form. Even if you delete encrypted files from such a drive, the deleted files will just be meaningless gibberish without your encryption key. An attacker who wanted to recover deleted files--or access the current files on the drive--would need your encryption key.

Destroy drives

There's another, more extreme option for protecting your data. When the military gets rid of a hard drive containing the nuclear launch codes, they don't just wipe it and set it by the curb. No, they go out of their way to destroy it just to be sure--they may even melt it down or crush it into powder. For magnetic hard drives, you can pay to have the drive degaussed--this eliminates the magnetic field and thus all the data. Or you could just smash it with a hammer and a railroad spike if you want to save cash.

Most people shouldn't be destroying drives, as it's a waste of still-usable hardware. On the other hand, if you're a business and you have an old hard drive containing customers' financial information, you may want to destroy that drive rather than risk that data falling into the wrong hands.

Remember to consider your sensitive data before getting rid of a computer or external drive. The biggest challenge here is simply knowing you need to run these tools--many people don't realize that previously deleted files can be recovered.

Join the CSO newsletter!

Error: Please check your email address.

Tags datastoragesecurityprivacy

More about Microsoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Chris Hoffman

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts