Recovering Confidential Data from a Pre-Formatted Hard Drive

Sponsored byRecovering Confidential Data

from a Re-Formatted Hard Drive; How to Really Erase Data

© 2015 Monterey Technology Group Inc.

Thanks to

Made possible by

Jonathan BrewFredrik Forslund


Preview of key points

Recovering “deleted” files Recovering formatted drive How to erase data

Enterprise management

Recovering “permanently” deleted files

1. Start with normal PC with various files2. “Permanently” delete some files3. Recover

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C1.%20System%20Initial%20State.avi

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C2.%20Images%20to%20Recycle%20Bin.avi

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C3.%20Recycle%20Bin%20Recovery.avi

Recovering formatted drive

4. Format entire drive5. Data recovered with deeper scan6. Restored data confirmed

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C4.%20Recovered%20Images%20and%20Format.avi

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C5.%20Quick%20Format%20Recovery.avi

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C6.%20Recovered%20Files%20After%20Format.avi

Real data erasure

7. Individual files erased with Blancco File8. Files unrecoverable9. Entire drive erased with Blancco 510.Files unrecoverable

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C7.%20Photos%20Shredded.avi

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C8.%20No%20Recovery%20of%20Shredded%20Files.avi

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C9.%20Erasure%20With%20Blancco%205.avi

C:%5CUsers%5CRandyFranklinSmith%5CDropbox%20(MTG)%5CUWS%20Team%5CWebinarSlides%5CBlancco%201%5C10.%20Recover%20After%20Overwrite%20With%20Blancco.avi

Bottom line

Deleted data is recoverable Joint Study by Kroll Ontrack and Blancco available

October 7 http://

www2.blancco.com/leftovers-data-security-study Erasing one drive

Fairly easy with free tools Enterprise questions

How do you inventory all your storage devices globally for entire organization?

How do you erase, really erase it, Inexpensively Without destroying good hardware

How do you centrally and remotely manage erasure?

How do you verify? How do you prove for compliance?


http://www2.blancco.com/leftovers-data-security-study

http://www2.blancco.com/leftovers-data-security-study

What is it all about?

Data leaks cost billions every year.

Threats!

Unless you proactively erase data in your environment, external or internal attackers as well as malware can maliciously perform data recovery that lead to data leaks.

Data erasureincreasingly important

National Data Protection

LawEU Data

Protection Regulation

2015

„Right to

Erasure“ISO Standard 27001,

27040 etc.Sarbanes-

Oxley

HIPAA(Health

Insurance Portabiltiy

and Accountability

)

Credit Card Industry PCI-DSS

What is Certified Data Erasure?

Format or Delete Data Erasure

Auditable Erasure Reports

absolute key

NIST Special Publication 800-88

“Following sanitization, a certificate of media disposition should be completed for each piece of electronic media that has been sanitized.”

“One to rule them all”

One standardized process for all your data erasure needs.