Points on information
storage and security
Today
is the age of high technology and revolutionary achievements in the
computing equipment area, also in important data and information. And
now the question occurs, the question of how to keep this information safe
and secure.
Download
QuickWiper from www.quickwiper.com
At
present IT-corporations invests millions of dollar in development of
information security techniques. But the only problem is researching how to make public information accessible to all users, and confidential
data
accessible only to whom it’s
intended.
In business, government
and private area there are a lot of great
volumes of confidential and secure information. It stores in computer’s
databases on hard disk. This information is a real value, and its loss in
many cases may exert influence on state security.
The ways
of information’s lost
In
early years there was necessity for immediate access to storage media to get
sensitive information. The network appearance was creating newer techniques
for both recording data on the media and for getting access (also hidden
from a user) to sensitive data. This pushed to research a lot of hardware
and software methods of getting information from PC and networking.
Networking with direct Internet access have turned out much weak.
The
ways of information getting loss are directly based on techniques of
treating, storing, moving and erasing of data.
1.
Information loss with replacement serviceable HDD.
Fast
obsolescence of computer technologies is already established phenomenon.
Each two years (under Moore's law) the personal computer double the
capacity. After change of two generations of the personal computer, it does
not represent any value and it is inexpedient to support technically and by
software. As a rule, personal computers pay off for 4 years, and it means,
that the IT-companies should replace 25 % of computer park within each year.
That computers replacement may employ with cases listed below.
-
Remove
computer to another working place with lower technical requirements.
-
Sell
computer as ‘second hand’.
-
PC as gift
to someone (schools, funds, etc)
All
this cases means old computers (also hard disks) removes with all the data,
defense of which cost some money and time.
2.
Hidden ways to lose information.
-
Spyware, viruses and
trojans. If your computer has ever been infected by a virus, and no matter what you did - even reformatting the disk space - the virus would not go away and kept coming back to wreak havoc on your PC. The reason is that the virus is hiding in a part of your system that is inaccessible by the operating system and most anti-virus software.
-
Industrial
espionage.
-
Networking.
It’s simplest way to open access to intruder.
3.
Information loss at replacement faulty hard disk.
One
more and very important channel of information loss is a faulty hard disk.
In ‘Ontrack’ opinion - the world leader on restoration of the
information on faulty HDD - the hardware failures of disk are guilty in 78 %
of cases of data loss. Modern technologies of information storage on
magnetic carriers develop very fast. Modern hard disk space store in 500
times more information, than 10 years ago. The density of storage of the
information and speed of rotation of magnetic plates has rised, but,
unfortunately, such parameter as HDD reliability, has considerably changed
for the worst. So, practically all HDD manufacturers give up 3 year
guarantee to one-year.
Most
of hard disks break during the guarantee period and should be replaced on a
guarantee. And there is no opportunity to consider the information from a
disk, to copy it on other carrier or to erase it. In this case the
firm-seller exchanges hard disk with the information on a new carrier, and
the faulty disk is sent to the manufacturer or placed on a long storage.
Huge quantity of information, including sensitive, is getting by irrelevant
persons.
What disk
space hides
While
not only laws, but also the hardware, forbidding or interfering
non-authorized access to the confidential information exist, removal of the
data with disk allows the interested person not only to bypass security
systems without of external attributes displaying, but also make it
practically lawfully.
Many
users know that simple file deleting or even reformatting disk space
doesn’t remove data. Just once saved, information on disk space is very
hard to erase from magnetic memory of the hard disk. That’s why harmless
replacing of computer or transferring it to another person is a simplest way
to open of restricted access information.
Except
confidential information, about which users know (accounting, financial,
personal, perspective development), a set of other confidential data not
always known to the operator can be stored on the disk space, usually named
as free. Applications and operating systems store passwords, keys of
enciphering and other data with the limited access in various places of hard
disk, including files of a configuration and temporary files. Operating
systems arbitrarily save contents of memory in a file on a disk (i.e.
swap-file) that does not give an opportunity to learn, that from these data
is really kept on a disk space.
Now
a problem is the software installed on personal computers. Practically all
licensed software cannot be transferred with old hardware without licenses.
Therefore the requirement on removal of licensed software at sale or
transfer of out-of-date computers remains.
Substantive
provisions of protection of the information stored on hard disk
Maintenance
of reliable destruction of the sensitive information at the end of
hard disk life cycle demands careful study of safety information
issues.
Erasing
of the data from disk space does not provide protection of the information.
Process of information defense should be based on a number of the
coordinated techniques finally providing high probability of destruction of
the information.
Though
any of techniques cannot guarantee 100 % reliability of destruction of the
information, there are substantive provisions and conditions of protection
of the information.
-
Necessity
of physical protection of HDD (from non-authorized access).
-
Regular
control and accounting. It means tracking carriers leaving operation, the
control of process of destruction of the information and drawing up the
report on deviations in this process and admitted errors.
-
Using of
standardized applications and techniques to wipe the information on HDD.
Important thing is
to wipe free disk space.
-
Regular
check of process of destruction of the information on carriers.
-
Periodic
control of reliability of destruction of the information.
-
Accounting
on every destroyed disk.
This techniques must provide highest security level
for sensitive information stored on hard disk drive.
Related
articles:
-
Points
on information storage and security. At
present IT-corporations invests millions of dollar in development of
information security techniques. But the only problem is researching how
to make public information accessible to all users, and confidential
data accessible only to whom
it’s intended.
-
Short
review on non-software methods of destruction of the information on
hard drives. Sometimes,
when the highest reliability is needed, it’s using mechanical and
other methods of destruction of the information, when HDD is breaking as
oneself.
-
Wipe
file and clear disk space. All
kinds of information is stored in computers as a files. Each file takes
some place on a hard disk. And the first (and main for our issue)
problem is you never know where it’s placed, and how much disk space
it occupy.
-
Disk
space: free doesn’t mean blank. Let’s
repeat, when you delete sensitive files from a disk on your computer,
Windows does not erase the contents of these files from the disk - it
only deletes 'references' to these files from file system tables.
Contents of the deleted file continue to be stored on the disk space and
can be easily recovered using any unerasing utility.
|