Fortunately, you can take steps to protect your data, whether you’re getting rid of a PC, external hard drive, or USB stick. Here’s how! (And here’s how to wipe mobile devices clean.)
Mechanical hard drives vs. internal solid-state drives vs. external drives
Deleted files can be recovered from some types of drives, but not others. Here’s a quick summary of how different drives handle deleted files.
Mechanical hard drives: Old-school mechanical hard drives—the kind with a spinning magnetic platter—are still used in PCs. If your PC doesn’t have an SSD, it has a mechanical hard drive. Files you delete from these drives can be recovered. When you delete a file from such a drive, the drive just marks the file’s data as deleted. Until it’s overwritten in the future, people can scan the drive and recover the marked-as-deleted data.
Internal solid-state drives: Solid-state drives use a feature called TRIM. When you delete a file from a solid-state drive, the operating system informs the drive that the file was deleted. The drive then erases the file’s data from its memory cells. This is done to speed things up—it’s faster to write to empty cells—but it has the benefit of ensuring files you delete from internal SSDs can’t be recovered.
External solid-state drives and other removable media: TRIM is used only for internal SSDs. In other words, if you have an external SSD in an enclosure and you connect it to your computer via USB, TRIM won’t erase files you delete. This means deleted files can be recovered from that external SSD. Deleted files can also be recovered from USB flash drives, SD cards, and other types of removable media.
If you have a PC with a solid-state drive, you just need to reinstall your operating system to erase your data. If you have a PC with a mechanical drive, you’ll need to ensure your drive is wiped before reinstalling your OS. If you have an external drive, you’ll need to wipe that, too.
Reset your PC With Windows 8
For many years, geeks had to use third-party tools to wipe their mechanical drives before disposing of them. Windows 8 added a feature that makes wiping deleted files and restoring your operating system much easier.
Use the Reset Your PC feature in Windows 8 or 8.1 to reset your PC to its factory state. You’ll be able to choose a “Fully clean the drive” option when going through this process. Windows will overwrite your drive with junk data and then reinstall the Windows operating system. Afterwards, you’ll have a like-new system without any recoverable files. Yes, it’s really that simple.
Wipe your drive and reinstall Windows 7
Windows 7 doesn’t have this wiping feature built-in. If you just reinstall Windows 7 on your PC using a Windows 7 installer disc or your PC’s recovery feature, your drive won’t be wiped. Deleted files could theoretically be recovered from your drive.
To avoid this, you’ll want to use a disk-wiping tool like Darik’s Boot and Nuke (DBAN)before reinstalling Windows. This tool wipes your computer’s hard drive by overwriting it with junk data. If you’re disposing of the PC or internal drive, you’re done—you can leave the PC in this state. If you’re passing along the PC to someone and want to give them a working copy of Windows, you can then reinstall Windows on the PC and pass it along.
For a full rundown of DBAN and other secure erasure tools, check out PCWorld’s guide to securely erasing your hard drive. Be careful when using tools like DBAN! They will overwrite an entire drive, including any recovery partitions and other data you might want to keep. Back up any data you want to keep before wiping your drive.
Clean external drives
Perform a full format of an external drive to wipe away any deleted files. To do so, connect the drive to your computer, right-click it in Windows Explorer or File Explorer, and select Format. Be sure to uncheck the Quick Format box to perform a full format— a quick format won’t fully erase the deleted files from your drive. Repeat this process for each drive you want to wipe.
On Windows XP, data could be recovered from a drive even after a full format. Starting with Windows Vista, Microsoft says a full format will overwrite your drive’s data. There’s no way to perform a full format from Windows 7’s installer, so that’s why you have to use a tool like DBAN when reinstalling Windows instead of using the normal Format option.
You can also use other dedicated drive-wiping tools. For example, CCleaner includes a Drive Wiper tool under Tools > Drive Wiper.
Wipe free space
If you’ve already reinstalled Windows and don’t want to wipe your drive and reinstall Windows again, you can try using a tool that wipes a drive’s free space, which should obliterate any leftover data left lurking in the shadows. For example, CCleaner’s Drive Wiper tool can wipe only the free space on a drive if you’d like.
Just wiping a drive’s free space isn’t an ideal solution, however. If you have any sensitive files that haven’t yet been deleted, CCleaner won’t touch them. A full drive wipe is more fool-proof because it ensures everything on your drive is wiped away before you set up a clean system from scratch.
Check your work: Try to recover deleted files yourself
Use a file-recovery program like Recuva, created by the same people who make the popular CCleaner utility, to test whether you can recover any deleted files from a drive. Recuva scans your internal or external drives for deleted files, displays information about them, and allows you to recover them. Be sure to perform a “Deep Scan” when prompted—it’s slower, but will find more bits of deleted files. If you wiped the drives properly, Recuva should find no files you can recover.
Recuva performs the same sort of trick an attacker would use to recover your data. Of course, some attackers—particularly criminal organizations that target businesses—may use more advanced disk forensics tools to get at that sensitive business data.
Use encryption to protect all your files
Set up encryption on your drive if you’re deeply worried about people recovering your deleted files. Encryption secures all your files, including both current files and deleted files. You can enable encryption with the BitLocker feature built into Professional versions of Windows or the free TrueCrypt that works on all versions of Windows. TrueCrypt can create encrypted containers or encrypt entire drives.
You’ll have to provide an encryption passphrase to access your files, which will be saved to your drive in encrypted form. Even if you delete encrypted files from such a drive, the deleted files will just be meaningless gibberish without your encryption key. An attacker who wanted to recover deleted files—or access the current files on the drive—would need your encryption key.
Destroy drives
There’s another, more extreme option for protecting your data. When the military gets rid of a hard drive containing the nuclear launch codes, they don’t just wipe it and set it by the curb. No, they go out of their way to destroy it just to be sure—they may even melt it down or crush it into powder. For magnetic hard drives, you can pay to have the drive degaussed—this eliminates the magnetic field and thus all the data. Or you could just smash it with a hammer and a railroad spike if you want to save cash.
Most people shouldn’t be destroying drives, as it’s a waste of still-usable hardware. On the other hand, if you’re a business and you have an old hard drive containing customers’ financial information, you may want to destroy that drive rather than risk that data falling into the wrong hands.
Remember to consider your sensitive data before getting rid of a computer or external drive. The biggest challenge here is simply knowing you need to run these tools—many people don’t realize that previously deleted files can be recovered.