The U.S. Department of Defense recommends wiping a storage media at least three to seven times to prevent possible retrieval of sensitive information. Do these numbers seem excessive?
Unlike physical evidence in crimes committed without the use of computers or digital devices, digital evidence is hard to acquire, retain and investigate. Physical evidence is supported by years of standardized methods and professionals who are trained to analyze and retain evidence. Digital evidence suffers from challenges like:
- Technology available is not sufficient enough
- Lack of trained professionals & tools
- Analysis is very time consuming
- And to address the question here, retaining sensitive information is a challenge in itself! The concern is to prevent the unauthorized retrieval of this information.
The U.S. Department of Defense recommends the DoD7 method , which supposedly cleans the hard drive of any sensitive information. There are tools available such as the DiskScrub, which claim to completely remove the faint image on the hard drive thereby erasing all the 0s and 1s.
Contrast to the U.S. DoD, Gutmann recommends to wipe off data 35 ...
Is it essential to wipe off storage media at least three to seven times to prevent possible retrieval of sensitive information?