Please help me with a response to my classmate\'s discussion answer. Thanks. Dat
ID: 3741849 • Letter: P
Question
Please help me with a response to my classmate's discussion answer. Thanks.
Data remanence in Information Security is digitally stored data that may still be recovered even after it has been deleted. A user may delete a file (or group of files) from his/her machine, intending to completely remove all traces of sensitive information (i.e. a tax return or other Personally Identifiable Information) yet still leave behind retrievable data. This is especially true with Hard Disk Drives, where data is not removed when it is deleted by the user, but simply marked as space on which new data can be written.
There are several methods for successful data removal which are practiced to prevent data remanence. One example is overwriting the data. Once old data has been overwritten, it is not recoverable. With this method, the physical hard disk can be reused for new storage. When overwriting, however, it is important to properly prepare the disk for the process (The Rainbow Books, n.d.). If the disk has bad sectors or blocks for example, an overwrite may not be successful in rendering old data unreadable.
Another method for removing data is the process of degaussing. In this method, powerful magnets are utilized to corrupt the data. This method is both expensive and not foolproof, however, since if the data is not properly degaussed, it can be reconstructed (The Rainbow Books, n.d.).
Encryption is a good practice for regular data storage. It is financially practical as no large expensive machines are needed for the process. If the data is stolen, it will not be readable to the attacker without the encryption key.
Lastly, but most importantly, the most foolproof method for ensuring no data is retrievable is physical destruction of the storage device.
Explanation / Answer
Its true that digitally stored data is recoverable, there are various data recovery tools available to recover the data, if deleted. It is possible to recover the data because, digital data is stored in the form of zeros and once, and so we have to choose the bit assuming either it may be one or zero. As a file is made up of lots of binary bits, so if we last few bits, still we would be able to obtain valuable information. File carving technique may also be used for recovering the deleted file by analyzing the bit pattern and predicting the file bits.
When a file is stored in the system, the system assign a memory area to the file and index it in the file index table. When we execute command to delete a file, only the index of the table is deleted from the index table, while the file data remain in the memory. And the memory area is marked as free space. As every file is marked with starting and ending character(different for various kind of file like txt, jpg,doc etc), so if a memory scan is done then any data recovery tool would be able to recover the file, though some portion may be lost, but it is quite possible that you will be able to get useful information out of it. Data recovery tools like easeus,recova,recovermyfiles etc are able to recover various kind of file like pictures, music, documents, videos, emails etc.
So to safely delete the data we need to replace all the assigned bit of the file in the memory with random bits. but still it may not be 100% safe. There have been insident in the past where data were recovered from submerged drive, burn drive or physically damazed drive. Because their are tools available wich can recover overwritten data also. In case of hard disk, magnetizing the disk maybe also consider a good option, because it will scramble the data in the drive which may not be recoverable by any data recovery tool.
These techniques of data deletion and recovey are usually costly and time consuming. So in real life we may not be frequently used to these kind of method. Instead data encryption can be considered as one solution. While storing the data it is encrypted with some algorithm and the key and if you know the key and the algorithm then only you would be able to get the data back. Otherwise without the key and knowledge of the algorithm the data would be there but unusable, because you won't be able to get useful information out of it. The encryption also are of vaarious types such as symmetric and asymmetric encryption. Techniques such as Data Encryption Standard(DES) and Advance Encryption Standard (AES), provide suffient encryption security, as if some one get the encrypted data then also it may take months and years to decrypt the data, but still these can be cracked.
So from the above discussion it is very clear that no technique gurantees 100%. data security The only possible way to safely delete data with accuracy is destroying the data drive physically, so that it won't be accessible to any one for data recovery.