How can I securely wipe disk drives?

When erasing sensitive data, always make sure that the data cannot be recovered. A few ways to do this include Darik's Boot and Nuke (DBAN), or various options within Mac OS X.

Note:

Using DBAN

To securely wipe a disk drive using DBAN:

  1. Download DBAN.
  2. Use DBAN to create a bootable DBAN CD, and then boot your computer using this CD.
  3. At the boot: prompt, press Enter to start DBAN in interactive mode.
  4. Press M (Method). On the "Wipe Method" screen, use the arrow keys to navigate to your preferred wiping method (e.g., Quick Erase [one pass], DoD Short [three passes], or DoD 5220.22-M [seven passes]). Press the Spacebar to save your selection and return to the Disks and Partitions menu.
  5. If only one disk is present in your computer, select the top option that appears in the Disks and Partitions menu, and then press the Spacebar. The selection box will display "[wipe]" to indicate what will be securely erased:
    • If you see "[****]", the section of the disk you selected will also be wiped.
    • If you see "[----]", you have already selected a section of the disk for wiping. Uncheck your selection and instead wipe the entire disk.
  6. Press the F10 key to begin the secure erase process. As soon as you press F10, data erasure will begin.

The "Statistics" box in the top right corner of the screen will display an estimate of the time remaining on the disk wiping process.

Using Mac OS X

Due to the prevalence of solid-state drives (SSDs), Apple has removed many of the tools previously provided to securely erase data from hard disk drives (HDDs). The best method to use for any SSD is full-disk encryption; FileVault is Apple's full-disk encryption.

Mac OS X has retained the following built-in options for securely removing data:

  • For whole file systems, use the Disk Utility, which can be found in any of the following places:
    • In the Applications/Utilities/ folder on your hard drive
    • In the Recovery HD partition (Mac OS X 10.8 and later)

    In Disk Utility, choose the file system you want to wipe, and then select the Erase tab. If you have a hard disk drive, select Security Options to choose the security level of the erasure. If a solid-state drive is detected, Security Options may not be available for selection.

  • For individual files, use rm -P from the command line. This overwrites files three times before deleting them. Because of the way solid-state drives work, this method may only be effective on traditional hard disk drives.

For more information, see Protect IU's Secure Data Removal and Solid State Drives.

This is document auhn in the Knowledge Base.
Last modified on 2017-05-19 17:13:24.

  • Fill out this form to submit your issue to the UITS Support Center.
  • Please note that you must be affiliated with Indiana University to receive support.
  • All fields are required.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.

  • Fill out this form to submit your comment to the IU Knowledge Base.
  • If you are affiliated with Indiana University and need help with a computing problem, please use the I need help with a computing problem section above, or contact your campus Support Center.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.