Beginner | Data Protection

Physically destroy hard drives and storage media — deletion is not destruction

Deleting files or formatting a drive does not erase the underlying data — it removes the index entry pointing to it. The data remains on the disk and is trivially recoverable with free tools. For any drive, SSD, USB stick, or backup tape containing sensitive data, physical destruction (shredding, degaussing, or certified destruction service) is the only reliable disposal method. The same principle applies to paper documents: cross-cut shredding at a minimum, secure shredding services for higher-sensitivity material. Organisations audited for dumpster diving regularly find intact personnel files, credit card statements, and medical records.

Tags: media destruction, secure disposal, hard drives, HIPAA, physical security

More in Data Protection

beginner | featured

Never store passwords with MD5, SHA-1, or SHA-256 — use bcrypt, scrypt, or Argon2

Password hashing is not encryption — it is a one-way function designed to be slow. MD5 and SHA-1 are fast hash functions designed for checksums, not security. A modern GPU can crack billions of MD5 hashes per second. The RockYou breach exposed 32 million passwords in plaintext; the LinkedIn breach exposed 117 million SHA-1 hashes that were cracked within days. Use bcrypt (minimum cost factor 12), scrypt, or Argon2id — purpose-built password hashing functions with tunable slowness. Bcrypt's use in the Slack breach meant their stolen hashes provided negligible value to the attackers despite the database being fully compromised.

See: RockYou Breach | Data Protection
intermediate

Encrypt sensitive metadata, not just content — URLs and filenames reveal as much as files

LastPass stored encrypted vault content but kept the URLs of websites in each entry as unencrypted metadata. When their vault database was stolen, attackers immediately had a map of every service each user had an account with — extremely valuable for targeted attacks. Encrypt all metadata associated with sensitive data: not just file contents but filenames, access timestamps, record labels, and category information. In database design, consider whether column names themselves reveal information about the data they contain. End-to-end encrypted systems that leak metadata provide much weaker guarantees than their encryption implies.

See: LastPass Breach | Data Protection
beginner

Implement Subresource Integrity for all externally hosted JavaScript

Subresource Integrity (SRI) is an HTML attribute that locks a script tag to a specific cryptographic hash of the file — if the CDN serves a modified version, the browser refuses to execute it. The polyfill.io CDN hijack in 2024 served malicious JavaScript to 100,000 websites because none of them had SRI hashes on their polyfill script tags. A single attribute (<script src="..." integrity="sha384-...">) would have protected every affected website. Apply SRI hashes to every externally loaded JavaScript and CSS file. Self-host critical JavaScript dependencies where possible.

See: Polyfill.io CDN Hijack | Data Protection
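How the integrity value in the SRI guide above is derived and checked, as an added example that is not part of the original guide. The URL and file contents are constructed placeholders, and `check` is a hypothetical helper that mirrors the browser's rule of enforcing only the strongest hash listed.

```python
import base64
import hashlib
import html

# Hash algorithms the SRI specification accepts, weakest to strongest.
STRENGTH = {"sha256": 0, "sha384": 1, "sha512": 2}

def sri_value(body: bytes, alg: str = "sha384") -> str:
    """Return the integrity token for body: '<alg>-<base64 of raw digest>'."""
    if alg not in STRENGTH:
        raise ValueError(f"unsupported SRI algorithm: {alg}")
    digest = hashlib.new(alg, body).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"

def script_tag(url: str, body: bytes) -> str:
    """Build the tag to commit. Cross-origin SRI also needs crossorigin."""
    return (f'<script src="{html.escape(url, quote=True)}" '
            f'integrity="{sri_value(body)}" crossorigin="anonymous"></script>')

def check(body: bytes, integrity: str) -> str:
    """Return 'match', 'mismatch', or 'unenforced' for a fetched body."""
    tokens = []
    for item in integrity.split():
        alg, sep, rest = item.partition("-")
        if sep and alg in STRENGTH:
            tokens.append((alg, rest.split("?", 1)[0]))  # drop ?options
    if not tokens:
        # No usable hash (empty, or only unknown algorithms such as md5):
        # the browser loads the file without any integrity check.
        return "unenforced"
    strongest = max(STRENGTH[alg] for alg, _ in tokens)
    for alg, expected in tokens:
        # Weaker hashes are ignored when a stronger one is listed.
        if STRENGTH[alg] == strongest and sri_value(body, alg).split("-", 1)[1] == expected:
            return "match"
    return "mismatch"

if __name__ == "__main__":
    pinned = b"window.demo = 1;\n"            # constructed file contents
    served = pinned + b"/* modified */\n"     # what a changed CDN might return
    print(script_tag("https://cdn.example/lib.js", pinned))
    print(check(pinned, sri_value(pinned)))   # match
    print(check(served, sri_value(pinned)))   # mismatch
    print(check(served, "md5-placeholder"))   # unenforced
```

The "unenforced" result is the case to audit for: a typo in the algorithm name leaves the tag looking protected while the browser checks nothing.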