When you upgrade to a new hard drive, SSD, or to a new computer entirely, it is critical that you properly wipe your old hard drive before selling it or disposing of it.
While the process of wiping a drive can seem simple, a 2017 study from the National Association for Information Destruction found that improper data erasure is very common. Similar statistics have arisen from reputable enterprises as well.
After procuring a couple of hundred devices sold on sites like eBay, with 40% of the devices and drives they could recover vulnerable personal information. This included the recovery of passwords using basic recovery methods.
In this article, we’ll go over how to wipe drives according to the Department of Defense (DoD) and National Institute of Standards and Technology (NIST) standards.
Before you wipe your old hard drive though, you may want to back up your data first.
Backing Up Your Data Before Wiping a Hard Drive
There are typically a couple of ways that most people back-up their data: to an external hard drive or to the cloud.
Backing Up Data To the Cloud
There are a few cloud providers that you could use to back up your data.
This article will only mention a few. However, a couple of easy consumer mainstays are Google Drive for windows or iCloud for Apple devices.
iCloud
On an Apple device, iCloud should be enabled by default. So it is often the standard choice for Apple product backups.
However, it’s notoriously a pain to use, and several past large-scale data leaks have led many to question its security.
Google Drive
With Google Drive, it’s as easy as logging in with a google account and dropping in your folders.
Be wary of file sync though, as it won’t preserve your file structure.
If you’d like something that was designed more specifically for whole system backups and less for general purpose cloud file storage, then the following options are proven solutions.
Backup for One Computer: Backblaze
Backblaze is fairly easy to use, cheap, secure and well-reviewed. However, for several computers, it may not be ideal.
Backup for Several Computers: Carbonite
Carbonite is only $24 a month for multiple computers. It has solid features like ransomware protection. This makes it a good choice for small businesses or the enterprising individual.
Backup for Personal Media: Google Photos
If you only need to preserve your photos and videos, Google photos is a very well-reviewed app for that purpose.
It is free and provides unlimited storage. Google Photos also offers helpful text-in-image search functionality. Because of this though, load speeds can be a bit tedious at times.
Backing Up Data to an External Hard Drive
To back up data to an external drive on Windows 10, go to control panel, then click “System and Security.”
In System and Security, under “File History,” click “save backup copies of your files with file history.”
From there, click “system image backup” in the bottom left.
Then “create a system image,” pick your hard drive, and you should be good to go once you press start.
Wiping Hard Drives On Windows
There are a couple of great 3rd party software programs you can run on Windows for proper data erasure. Proper erasure ultimately means completely wiping a hard drive.
If you use any of these programs, you are essentially overwriting the drives at the most fundamental level: you’re writing over every single “1 and 0” that holds the data on your drive.
Whichever you choose, rest assured that your data will be impossible to recover by anyone else.
DBAN
One of the most well-known programs is DBAN.
It’s been a mainstay in data erasure software for nearly as long as the concept has existed for consumers.
To use DBAN, it may be helpful to watch a video guide.
For the cliff notes version:
You can download the program here.
They claim on their site that “there is no guarantee of data removal.” However, rest assured that people have been relying on DBAN for personal data erasure for a long time without issue.
Once you’ve downloaded the DBAN ISO file, you’ll need to burn it to a disc or a USB drive.
If you’re unfamiliar with how to work with ISO files, you may find this guide helpful for CDs and this one if you prefer to use a USB.
Here is a guide for Apple users.
Once you’ve got the disc or USB burned and you’ve gotten everything backed up, you’ll want to restart your computer.
DBAN’s menu should open up at this point.
From here, you can use your function keys to choose specific hard drives to erase. You can also nuke all of your hard drives’ data using any one of a few data erasure protocols.
We would recommend dodshort. It’s a three-pass overwrite. And a three-pass overwrite is widely considered to be sufficient according to the Department of Defense, after which the protocol is named.
You should get a success message once all of the drives have been successfully wiped.
Eraser
Eraser is, in my opinion, the simplest application on Windows to wipe a drive.
There are only a few steps, and you don’t need to worry about booting from an ISO or anything like that. So if you’re not a tech person, Eraser is a natural choice.
It’s compatible with essentially every version of Windows, including Windows Server 2008 and Windows Server 2012.
To start, download the application from Eraser’s site.
Once you’ve got it installed, simply create a task by right-clicking on the “main erase schedule” window.
In the dropdown, select “new task.”
There you’ll want to choose “run manually” and then “add data” to choose the drive that you want to wipe.
There is a list of options for wiping protocols, and as before we recommend a triple pass overwrite as with the US DoD protocol.
Once you’ve chosen the protocol, all you have to do is go ahead and run the task.
Congratulations, you have completely wiped your hard drive.
How to Wipe a Drive On iOS
Thankfully, wiping a hard drive on a Mac is fairly simple.
If you have a hard drive, and not an SSD, the following steps will help you securely erase your drive.
Turn off your Mac, then turn it back on.
While it’s booting up, hold the R and Command keys down. Choose “Disk Utility” in the list that comes up, then hit continue.
From here you can choose your drive. Click “erase” and then choose how many overwrites you’d like. Just click on “security options.”
You won’t want to select the fastest option, and the most secure option is actually a 7-pass overwrite. This is probably excessive but feel free to go with your preference.
Then all you have to do is press “OK.”
With SSDs, you may not see the security options button, and that is because Apple, for whatever reason, did not choose to allow the option for a secure erase with SSDs.
Go figure.
While it is much more difficult to recover data from an SSD, it can be done.
Here are a few options.
One easy way to help protect your data is to encrypt it with FileVault. Go to System preferences, then security & privacy. From there, click FileVault.
Once you turn it on it should take a few hours to encrypt the data.
The great thing about FileVault is that if you then go and standard erase the drive, you’ll also be deleting the FileVault key. This renders all of the data permanently encrypted.
You can also use the terminal app and manually run a secureErase command.
For more on that, feel free to check out this guide.
How to Wipe a Drive On Linux
In Linux, you can actually go ahead and wipe the entire drive from the command prompt itself with a few different commands.
While you can use the “dd”, “shred”, and “wipe” commands, we specifically would recommend installing the scrub command on your Linux system.
You can install the scrub package with the following command:
~]# yum install scrub
You could use the basic special file mode function:
scrub [OPTIONS] special-file [special-file …]
But we would recommend you use the DoD method with the following syntax:
# scrub -p dod /dev/sda -f
scrub: using DoD 5220.22-M patterns
If you aren’t sure which drive name your system is using (if it isn’t /dev/sda) you can use “sudo fdisk -1”
If you only want to delete a specific partition, you can add a numeric suffix to sda, E.G /sda1, /sda2, etc. to only wipe that partition.
Wiping Hard Drives In Bulk
If you need to wipe hard drives from a network-attached storage (NAS) system or a storage array network (SAN), then the aforementioned programs will not be sufficient for your needs.
There are few programs on the market designed to run on hard drives that are still in their server racks or storage systems.
That being said, you will save in speed and headaches by relying on an enterprise-specific service.
If you are like most enterprises, you’ll also need a certificate of erasure, and you may have machines running on Linux or Windows Server that aren’t compatible with mainstream drive wipe software.
White Canyon and Blancco are two of the better-known services for enterprise drive erasure. Blancco is probably the best known in the business.
White Canyon allows you to remotely wipe systems across different locations from your headquarters with a preconfigured EXE.
Blancco has a wider range of services for virtual machines, centralized management, and mobile devices.
Both of these services will generally charge you cents on the dollar per drive that you wipe, so if you are dealing with thousands of drives it can add up.
Killdisk is a new kid on the block with a different model.
With Killdisk you are just purchasing the enterprise license. So if you intend to use a drive wiping software repeatedly it may be more cost-effective.
Alternatives to Wiping Hard Drives
Shredding
For all intents and purposes, a triple pass overwrite is entirely sufficient for data security, and shredding is not necessary.
A reliable program is going over every single 1 and 0 individually to overwrite the entire hard drive, not once, but three times. As mentioned earlier, completely wiping a hard drive is critical.
That being said, sometimes an organization has strict policies regarding the disposal of hard drives that include mandatory drive shredding.
In these instances, it is fairly easy to either rent or purchase a hard drive shredder. Though purchasing a hard drive shredder that can handle a large number of drives is in the realm of thousands of dollars.
If you intend to destroy only a single drive yourself, just know that puncturing the drive or taking a hammer to it does not guarantee that someone can not recover data off of the drive.
It is in your best interest to wipe the drive(s) before you do so.
Formatting
Windows has a built-in format hard drive option that can be used to wipe hard drives.
Hard Disk Sentinel
If you already had hard disk sentinel (popular drive health monitoring software) installed on your system, you can also just go to the disk menu, then surface test, then write test.
This is a complete hard drive overwrite which should be sufficient for most personal data use cases.
Wiping a Hard Drive with a Magnet
Taking a neodymium magnet or other similarly powerful magnet to your hard drive is a classic way to wipe it.
If you intend on wiping a hard drive with a magnet, be sure that your magnet has sufficient strength. Also, be extremely thorough when you do run the magnet over your drive.
Again, just because you are having difficulty loading anything off of the drive does not mean that you have completely eliminated all traces of your data.
We would recommend using a wiping software in addition to the magnet to ensure that someone with more nebulous intentions and data recovery expertise could not retrieve data from your drive.
Windows Reset
Windows includes its own software that purports to wipe drives securely.
It is not as secure as using a 3rd party software like DBAN, however.
This software is not ideal for completely wiping a hard drive. So unless you use it and then do so manually, it is not guaranteed that your data is unrecoverable.
How To Erase SSD Before Selling
“How do I securely erase my SSD and then remove it?” you might be asking right now. Fortunately, it is still feasible to securely wipe your SSD without damaging the device using the software. The distinction is that rather of completely erasing all data from the drive, an SSD “restarts” in a clean memory state (not a factory state, which implies no drive wear)
The ATA Secure Erase command instructs the drive to erase all stored bits, effectively forcing it to forget everything. The command resets all accessible blocks to the “erase” condition (which also serves as the file deletion and block recycling state for TRIM).
Additionally, the ATA Secure Erase command does not rewrite data to the SSD, as a traditional secure wipe tool would. Instead, it sends a voltage spike to all available flash memory blocks at once. The process resets each accessible block of space in one fell swoop, and the SSD is “clean.”
Using the ATA Secure Erase command on an SSD entails a complete program erase cycle. Yes, it does cause some wear, but it is unimportant compared to a standard secure wipe tool when compared to conventional secure wipe tools.
Wipe SSD Before Selling Using a Manufacturer Tool
Many SSD makers include software for use with their drives. The program generally includes a firmware update tool, as well as a secure erase tool and, potentially, drive cloning functionality. While MakeUseOf can’t verify the functionality of every manufacturer’s software, there are several tools available for each major SSD maker.
The SSD maker’s management software is the first place to look for a secure erase tool. Some makers, on the other hand, do not provide the ATA Secure Erase command as an alternative. Furthermore, in certain situations, your SSD model may not be compatible with it. If that’s the case with your SSD, continue reading.
Wipe SSD Before Selling Using a Versatile Tool
Although the SSD manufacturer’s tool may include a secure erase feature, many experts recommend utilizing Parted Magic instead. Indeed, Parted Magic includes an essential PC repair kit item for keeping in your USB toolkit.
Parted Magic is a complete Linux distribution with a variety of disk erasing and partition management programs. The software is $11, but you have unlimited access to the whole suite at any time, and it’s one of the most secure ways to wipe an SSD.
Parted Magic is a bootable Linux distribution that may be installed to a USB drive and booted from there.
ITAD Services
Should you have a larger quantity of drives than you care to deal with, and you have to take care of disposition as well, an IT asset disposition company (ITAD) may be the right choice.
An ITAD company can help you wipe all of your drives securely in the racks, take care of shredding on-site, and issue you a certificate of data destruction.
They’ll also take care of removing the drives and recycling anything that is no longer viable material.
Just make sure you choose one that is R2 or E-Stewards certified.
Learn about our data wiping services to see how we can help you.
And there you have our guide on how to securely wipe your hard drive(s), happy wiping!