Secure data deletion protocol for terminal sales

  • Standard erasing and factory resets do not guarantee that data is unrecoverable.
  • It is essential to choose sanitation methods appropriate to the type of media (HDD, SSD, USB, paper) and the level of risk.
  • Standards such as GDPR, NIST 800-88, UNE-EN 15713 or DIN 66399 guide secure and auditable processes.
  • Internal protocols, specialized software, and certificates of destruction drastically reduce the risk of leaks.


If you sell, donate or throw away your old laptop, mobile phone or hard drive without thinking too much about it, you could be handing your personal data to a complete stranger. And we're not just talking about a few random photos: on a used device it's common to find browsing histories, copies of tax documents, login credentials, financial information, and even medical data.

Forensic studies of second-hand devices are damning: a large share of computers, mobile phones, and external drives still contain recoverable information, even though the previous owner would swear they "erased everything" or "restored it to factory settings." The problem isn't the intention but the method: deleting in the traditional way doesn't destroy the data, it only hides it in plain sight.

Why normal deletion is not enough

When you click delete, empty the recycle bin, or use a quick format, the operating system does not destroy the file contents. All it does is mark that space as available to be overwritten in the future. Until that overwrite occurs (and on some parts of the disk it may never happen), the data remains there, ready to be recovered with free recovery tools.

In classic mechanical hard drives (HDDs), data is stored as magnetic patterns on the internal platters. Deleting a file only indicates that the magnetic area can be reused, but as long as it isn't physically overwritten, the pattern can be read without much difficulty. That's why readily available programs can "revive" photos, documents, or databases from a disk that appeared empty.

The situation with solid-state drives (SSDs) is even more complex. These devices use flash memory and wear-leveling algorithms that spread data across the drive to extend its lifespan. They also include over-provisioning areas that the operating system doesn't even see. The result: even if you format or thoroughly erase your data, copies may remain in hidden areas that the average user can't access, but that an attacker could try to exploit.

This is not a theoretical exercise. Healthcare organizations have received very high fines due to improper sanitization of the storage media where patient records were kept. Small businesses have suffered data breaches by reselling computers with improperly erased hard drives. And individuals have fallen victim to identity theft without realizing that the source was that laptop they sold online some time ago.

If we add to this the fact that many people accumulate external hard drives and USB flash drives in drawers, full of old backups, the risk increases. A simple format or mass wipe on these portable devices does not guarantee that the data has disappeared forever.

Limitations of free tools and factory resets

Faced with this problem, many people resort to free utilities designed for another era, or they blindly trust the "Reset this PC" or "Erase all content and settings" options. On paper it sounds good, but in practice these mechanisms don't always provide the level of security we think they do.

A classic example is DBAN (Darik's Boot and Nuke). This free tool became very popular because it overwrites hard drives with multiple passes (zeros, ones, and random data) following schemes that were considered very robust for HDDs for years. On mechanical disks, its effectiveness against conventional recovery software is high.

The problem arises when trying to use these kinds of solutions on modern SSDs. DBAN and similar tools cannot properly access hidden areas or issue secure erase commands to the firmware. The user sees a triumphant "process completed" message, but the over-provisioned space may still hold gigabytes of sensitive information in the background.

Furthermore, the user experience of many of these applications is not very friendly. Booting from a USB drive, navigating text-mode menus, or interpreting technical warnings causes some users to abandon the process midway or make mistakes. And a failed deletion attempt often leaves the data virtually untouched, even though everything may appear to have gone well.

Factory resets are similar. Windows offers the option "Reset this PC," while macOS has features like "Erase all content and settings." If the disk is encrypted with BitLocker or FileVault, these functions are usually limited to removing or invalidating the recovery key, on the assumption that without that key the encrypted data cannot be read.

However, in practice many users have saved copies of the recovery key in cloud services (OneDrive, iCloud, or others), sometimes without even realizing it. If an attacker gains access to that cloud account, they could retrieve the key and, with it, decrypt the supposedly "disabled" content. In other words, you're relying on the security of another account that you might not have protected as well as you should.

Even when the system offers more thorough erasure options, the cleanup usually focuses on visible partitions and not on the entire storage device. On SSDs, recovery partitions, hidden areas, and over-provisioning zones often remain untouched, because standard mechanisms cannot reach them. Worse still, users lack easy ways to verify what has actually been deleted.

Overlooked risks: external storage devices, mobile devices, and documentation


When preparing to sell a piece of equipment, we usually focus on the internal drive, but the most serious threats sometimes lie in peripheral devices that go unnoticed. An external hard drive used as a backup, a USB drive that has traveled between home and the office, or an SD card from an old mobile phone can store years of extremely sensitive information.

USB flash drives and memory cards use NAND chips similar to those in SSDs, with the same problems of wear leveling and areas not visible to the operating system. Many do not support secure erase commands in their firmware, which makes a complete cleanup with generic utilities much harder.

On the other hand, we must not forget paper documentation and other physical media. Printed medical records, signed contracts, accounting reports, payroll lists, or simple notes with credentials can end up in the trash without any oversight. This paper can be recovered, reconstructed, and used for targeted attacks, identity theft, or blackmail.

In this field there are standards such as UNE-EN 15713 and DIN 66399 (and its successor ISO/IEC 21964) that establish levels of destruction based on the type of storage medium and the sensitivity of the information. For example, they set the maximum size of the particles left by shredding for different risk levels, or the requirements for transport and custody of the material prior to destruction.

We must also consider internal and cloud-based digital repositories. File servers, shared folders, document management systems, backups, and historical backups can retain older versions of documents that have already been deleted at the source but survive in backups and snapshots if consistent retention and destruction policies are not applied.

Secure disposal methods: software, hardware, and physical destruction

To achieve reliable erasure that minimizes the risk of recovery, software-based methods, low-level commands, and physical destruction are combined. There is no single technique that works for every device and every sensitivity level, so the method has to be chosen carefully in each case.

At the logical level, classic procedures are based on overwriting the information with new data. This can be done in a single pass with random patterns or in multiple passes following schemes established by various organizations (such as some derived from old U.S. Department of Defense documents or European agencies). These techniques are especially effective on mechanical hard drives.
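As an added illustration (not code from the original article) of the two points above, the following Python script builds a constructed toy disk image with a fake photo in it, shows that a "delete" or quick format only removes the directory entry while a signature-carving scan still finds the photo, and then shows that an overwrite pass removes it. The `verify_blank` check stands in for the read-back verification a practitioner should run after any wipe; the image layout and file-table format are invented for the demonstration.

```python
import secrets

JPEG_MAGIC = b"\xff\xd8\xff\xe0"  # start-of-image marker that carving tools search for
BLOCK = 512                       # sector size of the constructed image


def make_image(n_blocks=64):
    """Constructed toy disk: sector 0 is a tiny 'file table', the rest is data area."""
    img = bytearray(BLOCK * n_blocks)
    # Fake 3-sector photo: real header, deterministic body (never contains the magic).
    photo = JPEG_MAGIC + (bytes(range(256)) * 6)[: 3 * BLOCK - len(JPEG_MAGIC)]
    start = 10 * BLOCK
    img[start:start + len(photo)] = photo
    img[0:32] = b"photo.jpg|10|3".ljust(32, b"\x00")  # name|first block|length
    return img


def quick_delete(img):
    """What 'delete' or a quick format does: drop the directory entry, keep the data."""
    img[0:BLOCK] = bytes(BLOCK)


def overwrite(img, passes=1):
    """Logical sanitization: overwrite every sector; random passes, zeros on the last."""
    for p in range(passes):
        if p == passes - 1:
            img[:] = bytes(len(img))
        else:
            img[:] = secrets.token_bytes(len(img))


def carve(img):
    """Offsets where a JPEG header survives, as a file-recovery tool would find them."""
    hits, pos = [], img.find(JPEG_MAGIC)
    while pos != -1:
        hits.append(pos)
        pos = img.find(JPEG_MAGIC, pos + 1)
    return hits


def verify_blank(img):
    """Post-wipe read-back check: number of sectors that are not entirely zero."""
    return sum(1 for i in range(0, len(img), BLOCK) if any(img[i:i + BLOCK]))


def demo():
    """Run the whole story; returns carved hits after delete, after wipe, and dirty sectors."""
    img = make_image()
    quick_delete(img)
    after_delete = carve(img)          # photo still recoverable
    overwrite(img, passes=2)
    after_wipe = carve(img)            # nothing left to carve
    return after_delete, after_wipe, verify_blank(img)


if __name__ == "__main__":
    print(demo())
```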

For SSDs and NVMe drives, the safest strategy is usually to use the secure erase commands implemented in the drive's own firmware. For ATA interfaces the command is called ATA Secure Erase, while for NVMe the key command is NVMe Format. When executed successfully, the drive controller erases all memory cells, including those in hidden areas, returning them to a blank state.

This type of firmware-level sanitization is considered equivalent to what some regulatory frameworks call "Clear" or "Purge" status, and forensic experts recognize these commands as demonstrating a very high level of data hygiene. However, not all SSDs support these commands, and even when they do, it may not be possible to launch them from the BIOS/UEFI of every device.

That is why, especially in professional environments, physical destruction of the media is still used when the risk is highest. This is where methods such as industrial shredding, disintegration, degaussing (demagnetization with very powerful fields), pulverization, or controlled incineration come into play. NSA guidelines, for example, define maximum sizes for the resulting fragments to make reconstruction virtually impossible.

In some cases the approaches are combined: first a certified logical erase is performed, and then the medium is physically destroyed, minimizing the probability of recovery even with advanced laboratory techniques.

Reference standards and norms for erasing and destroying data

In the field of secure electronic data disposal, several documents and standards stand out as technical and compliance guides. One of the most internationally cited is the NIST Special Publication 800-88, which defines concepts such as erasure, purging and destruction, and details recommendations on how to apply each one depending on the type of media.

This document classifies methods ranging from the simple deletion of non-sensitive data to those designed to resist what it calls "laboratory attacks", that is, sophisticated attempts by actors with significant resources. Many regulated sectors in the United States, such as healthcare (under HIPAA), refer to NIST 800-88 as the good-practice reference for media sanitization.

In Europe, and specifically in Spain, the legal framework is provided by the General Data Protection Regulation (GDPR) and the national implementing regulations, which emphasize that personal data should not be kept longer than strictly necessary and that technical and organizational measures must be applied to ensure its security throughout the entire life cycle, including the disposal phase.

These general frameworks are complemented by sectoral regulations and specific standards such as the already mentioned UNE-EN 15713, which defines good practices for confidential destruction services, or the DIN 66399/ISO/IEC 21964 family, which classifies media and sets destruction requirements according to sensitivity level. Following these guidelines is not always mandatory, but it helps design processes that are defensible in the face of audits and complaints.

There are also other specific references depending on the country and issuing body: British government security standards, criteria from federal security offices in countries like Germany, and internal instructions from armed forces and government agencies. They all agree on one idea: it is not enough to "delete"; you have to be able to prove how it was deleted and with what guarantees.

Use of specialized software for users and businesses


Although knowing the technical principles is useful, the reality is that most users are not comfortable running commands in the BIOS, a terminal, or a console, nor handling low-level tools to interact with the firmware of their storage devices.

For this reason, software solutions have appeared that are specifically designed to handle, in a simple way, the secure deletion of files, entire partitions, and internal and external drives, including hard drives, SSDs, USB drives, and SD cards. The idea is to offer a user-friendly graphical interface that hides the technical complexity and automatically selects the most appropriate procedure for each case.

These programs typically incorporate dozens of sanitization algorithms, ranging from simple one-pass schemes to more complex variants inherited from different international standards. In parallel, they develop proprietary optimizations for SSDs and flash memory that take into account wear leveling, over-provisioning, and the particularities of each manufacturer to maximize the effectiveness of the erasure.

In the home and small-business sphere, their main advantage is that they allow data destruction procedures to be run in just a few clicks: drag and drop files or folders for permanent deletion, clean only the free space on a drive (very useful when you want to keep the operating system and your programs), or process entire external disks before selling or recycling them.

Another important feature is support for external drives. Many security incidents occur because nobody checked the backup disks or USB drives that were left behind. When software detects and cleans these devices with the same rigor as internal storage, a very common blind spot is reduced.

In terms of cost, solutions of this type usually offer licensing models far below the economic impact of a data breach: affordable monthly subscriptions, annual plans, or lifetime licenses. Against the apparent "free" nature of older tools or manual processes, it's important to weigh the time invested, the uncertainty about the outcome, and the remaining risk.

Internal protocols, chain of custody and certificates

In medium and large organizations, the sale, replacement or destruction of equipment cannot be managed in an improvised manner. A documented protocol for erasing and destroying media is needed that details what is done, who does it, with what tools, and how the entire process is recorded.

A good procedure begins with a clear inventory: identify all devices that contain sensitive information (computers, servers, company mobile phones, tablets, external hard drives, USB drives, tape backups, etc.). From there, the appropriate treatment is defined for each of them when they are replaced, reassigned to another employee, or decommissioned.

The chain of custody is a critical point: from the moment a device is removed from normal use until it is erased or destroyed, it must remain under control and with limited access. For paper or other physical media, closed containers and temporary storage areas with restricted access are recommended. For computer equipment, it is advisable to record every movement and keep it in supervised areas.

When using external companies for confidential destruction or recycling of equipment, the protocol should require full traceability and supporting documentation. This includes collection route sheets, identifiers of the batches treated, an indication of the method applied (shredding, degaussing, certified erasure, etc.) and the issuance of a certificate of destruction or data sanitization.
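As an added example of the traceability record described above (not code from the article or from any particular vendor), this Python snippet keeps an append-only sanitization log: each certificate entry names the device, the method, the tool, the verification performed and the operator, commits to the previous entry's hash, and is authenticated with a site key so that a later edit to any entry is detectable during an audit. The required field list and the key handling are assumptions for the demonstration.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Fields a sanitization certificate should carry: what was sanitized, how, by whom, verified how.
REQUIRED = ("make_model", "serial", "media_type", "method", "tool", "verification", "operator")
GENESIS = "0" * 64  # previous-hash value for the first entry in a log


def _digest(payload):
    """Canonical JSON (sorted keys) so the same record always hashes the same way."""
    return hashlib.sha256(json.dumps(payload, sort_keys=True).encode()).hexdigest()


def make_record(prev_hash, site_key, **fields):
    """Build one certificate entry chained to prev_hash and MACed with the site key."""
    missing = [f for f in REQUIRED if not fields.get(f)]
    if missing:
        raise ValueError(f"certificate incomplete, missing: {missing}")
    fields.setdefault("when", datetime.now(timezone.utc).isoformat())
    payload = {"fields": fields, "prev": prev_hash}
    digest = _digest(payload)
    mac = hmac.new(site_key, digest.encode(), hashlib.sha256).hexdigest()
    return {**payload, "hash": digest, "mac": mac}


def verify_chain(records, site_key):
    """Audit check: every entry links to its predecessor, hashes correctly and carries a valid MAC."""
    prev = GENESIS
    for rec in records:
        payload = {"fields": rec["fields"], "prev": rec["prev"]}
        if rec["prev"] != prev or _digest(payload) != rec["hash"]:
            return False
        expected = hmac.new(site_key, rec["hash"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, rec["mac"]):
            return False
        prev = rec["hash"]
    return True


if __name__ == "__main__":
    key = b"constructed-site-key"  # constructed; in practice kept in a secrets store
    log = [make_record(GENESIS, key, make_model="Vendor X 1TB", serial="SN-CONSTRUCTED-1",
                       media_type="NVMe SSD", method="Purge (NVMe Format)", tool="nvme-cli",
                       verification="read-back sample, 0 non-zero sectors", operator="alice")]
    log.append(make_record(log[-1]["hash"], key, make_model="Vendor Y 2TB", serial="SN-CONSTRUCTED-2",
                           media_type="HDD", method="Destroy (shredding)", tool="certified vendor",
                           verification="certificate of destruction", operator="bob"))
    print("chain valid:", verify_chain(log, key))
```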

These certificates are essential for inspections, audits, or complaints from customers and authorities. They serve as proof that the organization has acted with due diligence in disposing of media containing personal data or confidential information, reducing the likelihood of sanctions and reputational damage.

To reinforce the reliability of the system, it is recommended to carry out periodic reviews of the protocol: internal audits to verify that the defined steps are being followed, reviews of retention periods, analysis of incidents or “near misses” and updating of the tools used to adapt to new storage technologies.

Responsibility, the true cost of failure, and best practices

The moment you hand over a device to another person or a recycling company, you completely lose control over what will happen to it. It can change hands several times, end up in countries with laxer legal frameworks, or land with someone who decides to experiment with recovery tools "out of curiosity" or with malicious intent.

The responsibility for ensuring that the device does not contain recoverable information is yours before you part with it. Therefore, secure data deletion is not a mere technical detail or an optional recommendation; it is part of basic risk management, both for individuals and companies.

The potential cost of a failure in this area is far greater than the typical cost of implementing a good protocol and using appropriate tools. We're talking about hours and resources dedicated to solving identity theft cases, direct economic losses due to fraud, penalties for non-compliance with data protection regulations, or reputational damage that is difficult to repair.

In everyday life, some simple good practices can make a big difference: do not rely on the standard operating system delete, avoid factory resets as the only method if you handle sensitive information, use specialized software for sanitization, verify the results with checking tools, and don't forget external disks, USB drives, and backups.

It is also key to integrate secure destruction into the corporate culture itself: train employees on the importance of proper deletion, define clear channels for the removal of equipment, prohibit practices such as taking old devices "home" without prior sanitization, and control copies, drafts, and derivatives of confidential documentation.

If clear procedures, appropriate technology, and a minimum of discipline are combined, the sale or donation of terminals, disks, and other media can be done in a reasonably safe manner, minimizing the chances that your personal, business or customer information will end up exposed years later in the hands of third parties.

This entire set of technical measures, reference standards, specialized software, and well-designed internal protocols makes end-of-life data erasure a controlled and defensible process, instead of a leap of faith trusting that "nobody will bother to look."

Legal notice: The information described is for guidance purposes only and does not replace specialized legal or technical advice. No deletion method can guarantee absolute security against every recovery attempt, because factors such as how the tools are used, the condition of the storage media, and external environmental conditions can affect the outcome. For specific questions, it is advisable to consult qualified professionals in information security and data destruction.
