Erasing Vs. Deleting: Are Your ‘Deleted’ Files Truly Gone?

Sep 19, 2024 Blog Article

While there are a multitude of data destruction methods, many of them contain loopholes that render data recoverable. When choosing between erasing vs. deleting, learn why data erasure is essential to ensuring your files are truly gone.

Russ Ernst, Blancco VP of Products & Technology

Russ Ernst As Blancco CTO, Russ drives product strategy and execution across our Blancco solutions suite. At IT and data security industry conferences, he addresses data lifecycle management, end-of-life IT management, and data sanitization best practices. He also covers how organizations can reach their sustainability goals and fuel the circular economy through secure disposal processes. In addition to the Blancco website, you'll find his insights in Recycling Today, Security Boulevard, Data Center Knowledge, Business Insider, and The Fast Mode, as well as in the upcoming book, Net Zeros and Ones: How Data Erasure Promotes Sustainability, Privacy, and Security.

How to tame your growing data attack surface

With unnecessary data in active environments creating significant vulnerabilities and financial costs, organizations must have a plan of action for safeguarding sensitive, but no longer needed, files and folders. 

When information is past any compulsory retention periods that may apply, or it no longer serves a business purpose, the best thing to do is to remove it completely. This reduces your data attack surface and the costs of storage. Getting rid of excess data also can be a requirement of data protection and data privacy regulations. 

However, while there are a multitude of data destruction methods, including formatting, deletion, and wiping, many of them contain weaknesses that leave data behind and render data recoverable. This retained data puts organizations at greater breach risk, can incur greater liability in case of a breach, and can lead to financial penalties tied to regulatory noncompliance. 

Whether reformatting a drive, deleting files from an active environment, or even dragging files to the Recycle Bin, the information is still there.

All these methods simply remove the pointers to the data without actually removing the data itself.

Data deletion fails to meet the mark

Essentially, data deletion is merely hiding data, not removing it. Employees may be confused into believing that dragging individual files to their laptop or desktop Recycle Bin removes files permanently but that isn’t the case. 

There are good grounds for this confusion. In Microsoft’s latest operating system, Windows 11, sending a file stored in OneDrive to the Recycle Bin prompts the user with the message, “Deleted files are removed everywhere,” but this is accompanied by a smaller message that deleted files can be recovered for 93 days. 

For locally stored files on a C: drive, deleted files go automatically to the Recycle Bin, and deletion notifications must be turned on manually. After this, Windows prompts the user with the following question: “Are you sure you want to move this file to the Recycle Bin?” 

It’s only when emptying the Recycle Bin that users are now prompted with the question, “Are you sure you want to permanently delete this file?” 

Given this assortment of information, employees may not understand exactly what the status of their data is. But at least this final question when emptying the Recycle Bin will permanently delete the file, right? Wrong. 

This type of basic deletion only removes pointers to the data, not the data itself. It’s the digital equivalent of removing a book’s index without removing the pages.  

The deletion described here is just one of the faulty data removal methods that are typically mentioned when people discuss deleting data. The following section sets out why formatting also creates similar risks. 

Test your knowledge: Which Common Data Sanitization Myths Do You Believe? Part I of II

Formatting hard drives could leave your enterprise exposed to data breaches 

Our Privacy for Sale research study, conducted in conjunction with Ontrack, outlines how Blancco IT staff in the U.S., Germany, Finland, and the U.K. purchased 159 SSDs and HDDs from a large online marketplace. Our partners at Ontrack analyzed these drives using proprietary data recovery tools to see if any sensitive data remained. 

We found that more than 40% of the second-hand hard drives contained data left over from the previous user. 

The leftover data included an array of office and employee emails, photos, and files, creating a risk of personal, financial, and reputational damage to individuals and their employers. 

In addition, more than 15% of those drives contained sensitive information that could be dangerous in the hands of identity thieves or hackers. 

Out of the 159 drives analyzed, some type of data was found on 66 of them, with 25 of the drives containing PII such as photos, birth certificates, names, email addresses, and more.

Privacy for Sale: Data Security Risks in the Second-hand IT Asset Marketplace 

Every seller we purchased drives from insisted that proper data sanitization methods had been performed. This demonstrates that sellers are attempting to permanently wipe data (and see the importance of this process). However, many are failing to use a fully effective solution. 

For most devices analyzed, formatting was the data disposal method of choice. However, as the results show, this method is not always enough for complete and permanent data removal. 

If these drives had come from a single organization (or from several) and ended up in the hands of bad actors, the result could have been a major data breach. 

How could an organization have prevented this? In addition to the complete end-of-life erasure of assets such as drives and laptops, data sanitization should be continually applied to the active environments of data centers, cloud storage, and employee endpoints still active within the asset lifecycle. 

Ongoing, active erasure ensures you’re always up to date, reducing security threats to your data center and overall organization.

By overlapping data lifecycle management with the asset management lifecycle, enterprises can make IT equipment more secure in the case of loss or theft, for example. Proactively erasing data from active environments can be automated based on organizational policies.  

Automated erasure policy specifications could include: 

The enterprise side of erasing vs. deleting files & folders 

What happens to data when businesses unknowingly use inadequate data destruction methods to reduce surplus data? 

They’re not only left with a false sense of security, but massive amounts of data (like emails, confidential documents, and other sensitive information) that are at risk of being exposed and falling into the wrong hands. 

Excess data storage means excess data breach & regulatory risk

In 2023, cyber-attacks and data breaches exposed more than eight billion data records according to IT Governance. Between January and June 2024, that figure reached over 35 billion. Cybersecurity incidents are rising fast. 

Alongside breach risk, tougher data protection rules, such as Europe’s General Data Protection Regulation (GDPR), the California Privacy Rights Act (CPRA), and the New Jersey Privacy Act (NJPA), mean that businesses can’t afford to be lax with information management. 

These regulations “are driving to the same storage limitation principle, which supports that organizations need to delete personal data when it’s no longer necessary.” Again, in this context “delete” could mean a range of data destruction methods, not all of them equally effective. 

Excess data storage costs more

In addition, data storage costs and storage limitations are significant challenges for organizations.  

Many don’t realize how many “deleted” files are left behind on their single computer from inadequate data destruction alone. Run a simple recovery program on your PC and prepare to be shocked by the results—the choice between erasing vs. deleting becomes quite clear. 

An industry perspective: Data Sanitization Enters “Slope of Enlightenment” on Gartner Hype Cycle

How to ensure your enterprise files are unrecoverable 

How can businesses make it impossible for “deleted” files to be recovered? The answer is simple: securely erase files from active PCs, servers, LUNs, and even virtual machines. 

Secure data erasure uses methods to overwrite files and folders according to an industry standard, then verifies that the erasure has taken place successfully. 

In addition, for compliance purposes, verified data sanitization should be accompanied by a certificate of erasure noting exactly what was erased, when, by whom, and using what method.  

This provides proof to auditors and industry regulators that you are abiding by specified retention and data protection best practices and requirements. 

Data in active environments can also be erased automatically according to data management policies you set. 

Mitigate data breach risk with proper data destruction methods

When choosing between erasing vs. deleting, deleting files may seem easy and fast. However, software-based data erasure is the most secure way of getting rid of your data for good, ensuring it’s impossible to recover files and that data cannot be leaked.  

To see how easily your business can erase files and get rid of data for good, learn more about Blancco File Eraser, then request your free trial

Originally published June 2022. Updated September 2024 to add recent research.

Erase Unwanted Files Easily, Quickly, and Permanently  

Request your free enterprise data erasure trial.