2

One of our clients requires that at the end of the contract we "securely" delete all data from the server (including SQL Server).

I think I need to deal with this in two parts.

1. SQL Server Data: The client data is stored in 2 SQL Server databases, but other contracts (that are not ending) are also maintained in these databases.

Assuming that we destroy the database backup devices, if I perform TRUNCATE TABLE is the data in any way recoverable? Assuming no, if I updated every row/column in the database with 0s, then perform the truncate, does this prevent recovery?

2. Files: We receive data-files that have been transferred onto the server and then imported into the SQL Server, and the server also generates PDF reports that physically sit on the server. Plus we have the backup files.

Are there tools or steps I can take to permanently delete this data without formatting the drive (and then using a tool like DBAN)?

Dan
  • 783
  • 1
  • 13
  • 21

4 Answers4

3

Have you thought of using the 'Eraser' application? It does the deep erase, and will erase unused sectors of a given disk as well. Its free.....Look at http://eraser.heidi.ie/ for more information. That will work for files.

As for the database, remove all the records, tables, etc that you need, dump the database out, "erase" the database file, erase the unused sectors of the disk (as this could contain client information). And then restore the database from the dump. Just truncating and/or removing the data using SQL does not purge the data from the database. If you want to absolutely assure that all client data is gone, only a full dump and restore of the database on a clean area will do.

Probably a good idea to "erase" all tmp files and especially any copies of the database or backups residing on the disk.

mdpc
  • 11,856
  • 28
  • 53
  • 67
  • How does this deal with SQL server databases? – Zoredache Oct 06 '11 at 18:00
  • Amended for the database concern. – mdpc Oct 06 '11 at 18:46
  • We're using eraser to delete the files, and Remus' recommendation below to run sp_clean_db_free_space to wipe database data. (When it's possible I intend to first run sp_clean_db_free_space in the database and then use eraser to delete the device files too). – Dan Feb 03 '12 at 22:01
3

TRUNCATE does not clear the data (it simply deallocates the pages), and no file system tool can clear it either because the file is a) in use by SQL Server and b) in a format that can only be read/modified by SQL Server.

The solution is to run sp_clean_db_free_space after the TRUNCATE:

Removes residual information left on database pages because of data modification routines in SQL Server. sp_clean_db_free_space cleans all pages in all files of the database.

Obviously, this does not clean backups, but one can easily argue that since the very purpose of the backup is to restore the system at a state possible before the contract ended, it is mandatory for the backups to contain the information.

For the files part, there are many solution available, some already presented by other posts.

Remus Rusanu
  • 8,283
  • 1
  • 21
  • 23
1

A hammer.

Seriously.

There is a LOT you can do if you spend the money on physical discs in a lab recovering possibly overwritteen disc partitions.

TomTom
  • 51,649
  • 7
  • 54
  • 136
  • I think the client will accept that Police forensics may be able to retrieve the data, in lab conditions... – Dan Oct 07 '11 at 08:44
  • Ah, sorry, this is not police forensics, it is me sending a stolen hard disc to a public recovery company. If they want the data destroyed, ti is business stnadard practice to shredder the discs OR at least magnet wipe them with a STRONG magnet. – TomTom Oct 07 '11 at 12:22
1

May be sdelete by Mark Russinovich will fit enough.

You can use SDelete both to securely delete existing files, as well as to securely erase any file data that exists in the unallocated portions of a disk (including files that you have already deleted or encrypted). SDelete implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever.

Sergey
  • 111
  • 2