Erasing Vs. Deleting: Are Your ‘Deleted’ Files Truly Gone?

Jun 14, 2022 Blog Article

While there are a multitude of data destruction methods, many of them contain loopholes that render data recoverable. When choosing between erasing vs. deleting, learn why data erasure is essential to ensuring your files are truly gone.

Russ Ernst, Blancco VP of Products & Technology

Russ Ernst As Blancco CTO, Russ drives product strategy and execution across our Blancco solutions suite. At IT and data security industry conferences, he addresses data lifecycle management, end-of-life IT management, and data sanitization best practices. He also covers how organizations can reach their sustainability goals and fuel the circular economy through secure disposal processes. In addition to the Blancco website, you'll find his insights in Recycling Today, Security Boulevard, Data Center Knowledge, Business Insider, and The Fast Mode, as well as in the upcoming book, Net Zeros and Ones: How Data Erasure Promotes Sustainability, Privacy, and Security.

How to Tame Your Growing Data Attack Surface

Data is growing at an exponential rate. Keeping track of all your data and keeping it all protected is increasingly challenging.

With data in active environments creating a large area of vulnerability, organizations must have a plan of action for safeguarding sensitive, but no longer needed, files and folders. If these files and folders are past retention, or no longer serve a business purpose, the best thing to do is to remove them completely, reducing the data attack surface that you have to manage. 

While there are a multitude of data destruction methods, many of them contain loopholes that render data recoverable.

Erasing vs. Deleting: Why Data Deletion Methods Are Inadequate

Out of the 159 drives analyzed, some type of data was found on 66 of them, with 25 of the drives containing PII such as photos, birth certificates, names, email addresses and more.

Privacy for Sale: Data Security Risks in the Second-hand IT Asset Marketplace

A Real-Life Example of Faulty Data Destruction

Our Privacy for Sale research study, conducted in conjunction with Ontrack, found that more than 40 percent of second-hand hard drives contained data leftover from the previous user.

The leftover data included an array of office and employee emails, photos, and files, creating a risk of personal, financial, and reputational damage to individuals and their employers.

In addition, more than 15 percent of those drives contained sensitive information that could be dangerous in the hands of identity thieves or hackers.

What’s worse, every seller we purchased drives from insisted that proper data sanitization methods had been performed so that no data was left behind. But, if the user had already attempted to remove all files, why was the data able to be recovered?  

Test your knowledge: Which Common Data Sanitization Myths Do You Believe? Part I of II

Deleting and Formatting Leave You at Risk

Whether reformatting a drive (particularly with a “quick format”), deleting files from an active environment, or even dragging files to the ”Recycle Bin,” the information is still there. All these methods simply remove the pointers to the data without actually removing the data itself.

When you are deleting files, it’s crucial to use effective data sanitization methods that are certified and verified. 

The Enterprise Side of Erasing vs. Deleting Files and Folders 

What happens to data when businesses are unknowingly using inadequate data destruction methods to reduce surplus data?

They’re not only left with a false sense of security, but massive amounts of information (like emails, confidential documents, and other sensitive information) are at risk of being exposed and falling into the wrong hands.  

Excess Data Storage Means Excess Data Breach & Regulatory Risk

In 2021, cyber-attacks exposed nearly seven billion data records according to Identity Theft Resource Center.

Alongside breach risk, tougher data protection rules, such as Europe’s General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA), mean that businesses can’t afford to be lax with information management.

The GDPR and CPRA “are driving the same storage limitation principle, which supports that organizations need to delete personal data when it’s no longer necessary.”

Excess Data Storage Costs More

In addition, data storage costs and storage limitations are significant challenges for organizations. 

Many don’t realize how many “deleted” files are left behind on their single computer from inadequate data destruction alone. Run a simple recovery program on your PC and prepare to be shocked by the results—the choice between erasing vs. deleting becomes quite clear.

An industry perspective: Data Sanitization Enters “Slope of Enlightenment” on Gartner Hype Cycle

Purging Sensitive Data? Destruction Methods to Watch Out For

To make sure that you achieve complete data destruction on targeted files and folders, it is essential to avoid these incomplete data destruction methods listed below: 

Relying on these methods for data protection is unwise as it leaves you at risk.  

How to Ensure Your Enterprise Files Are Unrecoverable 

So how can businesses make it impossible for “deleted” files to be recovered? The answer is simple: secure data erasure of files on active PCs, servers, and even virtual machines.

Secure data erasure uses methods to overwrite files and folders according to an industry standard, then verifies that the erasure has taken place successfully.

In addition, for compliance purposes, verified data sanitization should be accompanied by a certificate of erasure noting exactly what was erased, when, by whom, and using what method.  This provides proof to auditors and industry regulators that you are abiding by specified retention and data protection best practices and requirements.

Data in active environments can also be erased automatically according to data management policies you set.

Mitigate Data Breach Risk with Proper Data Destruction Methods

When choosing between erasing vs. deleting, deleting files may seem easy and fast. However, software-based data erasure is the most secure way of getting rid of your data for good, ensuring it’s impossible to recover files and that data cannot be leaked.  

To see how easily your business can erase files and get rid of data for good, learn more about Blancco File Eraser, then request your free trial

Erase Unwanted Files Easily, Quickly, and Permanently  

Request your free enterprise data erasure trial.

You may be interested in: