Hard Disk Storage: Data Leakage

The hard disk drive remains the most commonly used form of storage media. The concerns relating to the correct sanitisation of user data, in particular when the hard drive is recycled or discarded have been well documented. However, it is possible that even when a user effectively overwrites data from the operating system, user data can still remain on the hard disk drive as a result of the normal operation of the hard disk drive. We highlight the risk of inadvertent data leakage as a result of the firmware processes present in a hard disk, in particular the error-handling component of the hard disk drive firmware. Where an area of the drive becomes unreliable due to natural wear and tear, the disk firmware which monitors data access will instruct the drive to copy the data from the failing area to a specially designated reserved area. The system remaps this data shift so the old data area and the original copy of the data are no longer accessible to the user. However, this does not erase the original copy of the data. This will therefore remain on the drive although the ‘failed’ portion of the drive will no longer be accessible by the operating system. This paper discusses the potential problem generated by this process with certain disk drives potentially retaining substantial amounts of data after being wiped by the operating system or other security tools. In conclusion this paper will propose best practice for data disposal and disk reuse.