The Art of Keeping Top Secret FilesActually, it’s really the art. Everyone wants to stay secure, to keep his privacy. Both individuals and business considers the possibility of information leakages due to in-authorized file recovery.
|
|
|
| 5.0/5.0 (1 votes total) |
|
|
|
Bob Elliott October 17, 2006
|
Bob Elliott |
Bob Elliott is security business consultant at AKS-Labs software development company. His interests include sensitive file security, security policies, preventing information leakages, security audit methods. AKS-Labs has developed Shred Agent, a background-mode file shredder that we will be happy to recommend to all users, including users of our QuickWiper. Learn more at www.shredagent.com |
Bob Elliott
has written 1 articles for WebKnowHow. |
View all articles by Bob Elliott... |
Let me list some facts and questions that often discussed when we talk about secure deletion of files.
- The first fact is that any deleted file can be recovered. There is no need to buy expensive tools, even freeware file recovery utility can do this job for you or for other person.
- The second fact is that pressing delete + shift keys don’t make file irrecoverable. Anyone can still recover your sensitive information.
- The third fact is that emptying Recycle Bin will not help secure your files too.
So why developers of operation system don’t include this feature? A good question, and the answer is that we actually don’t want all files to be irrecoverable. There is a chance that you might delete some really important file. Developers of operation system give you a choice – to use or not to use file shredders. Those who are concerned about security prefer to user file shredders.
Functions of file shreddersThere are a lot of ways to secure your files. Some works well, other don’t actually help. The most popular approach is wiping free disk space regularly. This is a good idea, but you must have in mind that you will be able to wipe free space only in the end of working day or week, so some files and information could be recovered before this. Also, some software products silently delete and create files, so wiping free space is not a 100% guaranty of file security. Our research shows that wiping free space will cover only 90% of all deleted information. What are others 10%? It’s temporary files and cached files. In other words it’s your sensitive data and internet browser history. More over, wiping free space is a routine, time-taking computer task that may be a real hassle for your security administrator. Another idea is to use a file shredder every time you wish to securely delete your file. It’s a great idea as you know what files are really important and should be deleted without possibility to recover. The bad news is that you will need to do some additional steps to process file to file shredder. But in most cases it is just few more clicks. Not a big price to stay secure. Where wiping free space and file shredders don’t work? Actually, there are some security holes. First, we should consider files that are created by programs silently, these files can be a cached data or temporary file that office programs always creates. In this case file shredder simply doesn’t know what to wipe! As temporary file may actually appear at your hard disk for a second, but will contain a valuable information. For sure, wiping free space is performing better, but remember that it will wipe only space that is actually free. It will not consider cached data (the history and cache or your internet browser), it will not consider some sectors just because the shredder could damage your data. Another security risk is remote users that may access your hard disk by network. You don’t know what do these users do, if they delete files or not. Due to security limitation, these users will not be able to use a file shredder at your hard disk.
Possible solutionWhat you need to look at is a file shredder that works in background mode. Actually, you need a file shredder that will capture all deletion operation that your system do. In this case, you won’t need to drop files to file shredder, as it captures all deletion operation and can “see” all file that you do delete. Also, the problem of temporary files will be solved as other program utilize a common system interface to delete files and it will be possible to capture all operations with temporary and cached files.
Does it worth paying for?Are temporary and cached file a great security risk? Actually, they are. For instance, temporary files of office wording tools contains a copy of all file text data. So anyone who recover temporary file will have access to your sensitive data. For sure, wiping free space can do 90% of job you need to be done for deleted sensitive files, but there are still from 2-5% of files that could be recovered and might contain sensitive information. For instance, if you clear cookies or cache of your web-browser, you cannot use file shredder utility. Also, the hard disk space dedicate to cached file will still be occupied, this means that wipe free space will not actually secure this information. In this case only background mode file shredder will be able to wipe files in a proper way.
What the next level might be?It’s a good idea to use background mode file shredder to stay secure now. Does this method guaranty 100% privacy? Actually not. There still might be some chance of recovering files. So, if you will ever need to completely destroy data, then you will need to destroy computer hard disk physically. As for other purposes, for instance when you need to provide day to day file security– using background file shredder is a great option.
Keeping files secure is the artActually, it was the art when only security admin knew about tools we had to use. Various file shredders, wiping free space every weekend and so on. For now, ask your security admin to install a background mode file shredder and …forget about your security risks. Well, you still might face a problem as wiping operation is a little longer that deletion. So it would be great if you could fine tune your shredder to wipe only specific files or files within a specific location. In this way you will save your time and will still stay secure. |