 |
CDW·G Solutions™
July 2002
Wiped Out
Removing the valuable data from your hard drive is a must before recycling your used computer equipment
A major issue facing state and local government agencies and educational institutions alike is how to dispose of legacy computer equipment properly. Clearly, donating old PCs to under-funded organizations may be the best solution. However, this is not as easy as it sounds, since many organizations that accept computer donations are hesitant to take possession of systems that are too old or in non-working condition. In fact, according to the Environmental Protection Agency, over 20 million PCs became obsolete back in 1998, and of those systems, only 13 percent were reused or recycled.
As technology marches forward, the number of retired PCs is expected to triple by the year 2005. System recycling has thus become a market in and of itself, spawning independent recycling businesses and prompting major vendors to initiate aggressive recycling programs. As you might have guessed, most of these programs are not free. You can expect to pay anywhere from $15 to $30 per system-an amount that adds up quickly for organizations that are upgrading several hundred systems at a time.
Some vendors offer a rebate on returned equipment (but only if you're buying new systems from them), while others provide recycling kits, which include prepaid shipping labels and boxes for each system. Most recycling programs are designed to make use of old, discarded systems through refurbishment or salvage efforts. In cases where systems are beyond repair, they are stripped down and the parts are processed in such a way that materials such as precious metals, glass, and steel are extracted and recycled individually. CRT displays are particularly difficult to deal with due to their high concentrations of lead, mercury and other hazardous materials, and are banned from landfill disposal for this reason.
Before You Recycle
Whether you plan to use a recycling service or donate your retired systems through charitable or community channels, there's still an important step to be taken first, which is often overlooked by even the most experienced IT professionals: safely removing all data from system hard drives. It is not enough simply to delete all data; in fact, removing programs and files using DOS and Windows commands does not actually delete data, but instead deletes markers that point to specific files, and then marks that space as usable. The data remains on the hard drive until the operating system rewrites new data to the area.
For example, in Windows, “deleted” files are sent to the Recycle Bin, where you have the option of restoring them (since they really haven't been deleted yet) or emptying the bin. Even when you choose to empty the bin, the data still resides on the hard drive-only the reference to the data is removed, which is why you can't view it through Windows Explorer or some other file management tool. Explorer will tell you that you now have a certain amount of available disk space, but that really means that the area where the “deleted” data resides is now available as free space. In other words, the data is still there. Over time, the operating system will overwrite these areas on the hard disk with new data, but that still doesn't mean that deleted data is gone. In fact, there are many software products on the market that make it easy to restore overwritten files, so even a novice can gain access to your data.
Additionally, important data can reside (read: hide) in different areas on your system, including Windows swap files, the system registry, and alternative data streams used in Windows 2000 applications. So uninstalling programs and removing and overwriting associated files will not do the trick (Windows XP, in particular, is notorious for placing files in various locations throughout the operating system).
Contrary to popular belief, reformatting a hard drive isn't the answer either. Although a complete hard drive reformat carries the warning that “all data on the selected drive will be destroyed,” what really happens is that the format creates a new FAT (file allocation table) and sector structure. The original data is still there and can be retrieved using readily available utilities that will unformat the drive and expose your data. So, how do you completely remove confidential e-mail, financial, and other classified information (including passwords) from systems before recycling or donating the equipment? The answer depends on how important the data is to your organization and how "clean" you want the drive to be before you hand it off.
Clean Slate
Ideally, you'll want to donate a system with the operating system intact, since most recipients of donated PCs do not have the financial resources to purchase new hard drives or software. There are several products available that will remove your data in such a way that it will be unrecoverable by all but the most complex hardware and software recovery tools. The most popular method of cleansing hard drives is commonly referred to as file wiping, wherein a software utility is used to write random characters to free drive space. An effective wiping program will make several passes over the drive, meaning it performs the random character-writing process more than once to make file recovery extremely difficult (the more times new data is written to a drive, the harder it is to retrieve traces of old data). To put this in perspective, the Department of Defense standard for wiping (DoD 5220.22-M) calls for a minimum of seven passes, rendering data unrecoverable by all but the most high-end (and very expensive) recovery methods.
It is recommended that you purge registry entries, address books, and all other personal information before wiping a drive, so look for a program that will seek out those hidden files. One such program, Webroot Software WindowWasher, is an Internet privacy program that will clean out registry entries, cookies, Windows run histories, temp files, and more. It also features a “bleaching” utility that will overwrite files with a random pattern of characters using up to ten passes. Similarly, McAfee QuickClean offers a complete suite of data-removal utilities and includes a Shredder tool that allows users to select a wiping level of up to 99 passes. Symantec WipeInfo, which is bundled as part of the company's Norton Utilities product, also makes several passes when writing to a drive, but it does not clean out registry and Active X entries. However, when used in tandem with Norton CleanSweep, you can be relatively sure that your data has been safely destroyed. Other programs, such as LSoft Technologies KillDisk and Zdelete, and Ontrack Software DataEraser, offer efficient disk wiping tools as well.
Where to Donate
Considering that the lifecycle of most systems is between three and five years, donations and environmentally conscious recycling programs are more important than ever. Chances are, your old PCs will be put to good use, even if you consider the technology to be somewhat outdated. Organizations such as the Computer Recycling Center, the National Cristina Foundation, and KidSource Online, are just a few of the many that will divert your old computers from the landfills and put them to good use in schools and non-profit agencies. Or, if your systems are beyond repair, a visit to the EPA's Web site will provide you with a wealth of information on how to recycle your old PCs and monitors safely.
As you upgrade your infrastructure to newer technologies, it's important to make sure that older systems are completely purged of all vital data before they head out the door. Uninstalling and removing programs and associated files is not enough-nor is the use of a magnetic bulk eraser, which can still leave recoverable traces of data, so rebuilding entire file structures is possible. Short of physically destroying hard drives, the use of a good file-wiping program is the most effective method of protecting sensitive data from falling into the wrong hands.
For more information on the products discussed in this article,
please contact your
CDW·G account manager at 800.594.4239.
|
|
Shopping Cart
Cables