Permanent file deletion - sensitive data

All,

I'm hoping someone can help fill me in on this one.
:confused:
I work with bank data deemed "sensitive" and, once processed, need to figure out a way to overwrite the files with enough garbage data in order to prevent someone from being able to recover any of the data from the disk. I know a simple rm won't do the trick, as that only removes the pointer to the data. Any help is appreciated.

Thanks,
Pete

Will this do for you:

tail your_file > your_file

Thanks Shelf-Life,

That seemed way too easy, but I tried it out and it appears to work. I have a feeling that PCI standards won't accept that as adequate enough though.

PCI - for those of you unfamiliar with it - is a Visa/MasterCard set of rules to protect credit card account numbers from theft. So while the solution offered does work, I need to be assured that the data could not be recovered by anyone (except for the NSA of course :D). Any more ideas to throw into the fray?

Thanks,
Pete

Pete, if you do not want to empty the file, the other solution is to change/encrypt the data.

Here's what my process looks like:

1 - I receive a PGP encrypted file to server A.

2 - I make a call to a key store on another server (server B) to pick up the private key needed to perform the decryption on server A.

3 - I decrypt the file, and run an encryption routine on the account number portion of the decrypted file. I may encrypt the entire file, though not sure yet.

4 - I send the protected file off to its destination server (server C).

5 - I now need to permanently delete (ensure the data cannot be recovered from the disk utilizing any software or hardware scanning device) the private key picked up from step 2 in addition to the decrypted file from step 3.

I hope you can see where my pain is, and I'm not sure if your tail command would sufficiently protect the information. Can you confirm?

There are command line utilities like GNU shred which can be installed and are free. It works well.

A problem arises when the file is on a RAID, or when the filesystem does not perform update-in-place -- a journaled or log-structured fs, for example. Then you have a wholly different problem. Then none of these kinds of programs work well.
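Added example, not from any poster in this thread: a small shell function showing the mechanics that shred relies on (rewriting the file's existing blocks in place with random data before unlinking, rather than truncating like `tail f > f`), plus a helper that reports the filesystem type so the RAID/journaled/copy-on-write caveat above can be checked first. Assumes a Linux box with GNU coreutils (`stat -f`, `dd conv=notrunc`); the sample file contents are constructed.

```sh
#!/bin/sh
# Added example (not the thread's own code). Overwrite-in-place deletion
# only makes sense on filesystems that rewrite a file's blocks in place;
# journaled-data, log-structured, copy-on-write filesystems and RAID
# layers can keep old copies that this never touches.

# Report the filesystem type holding a path (GNU stat; "unknown" elsewhere).
fs_type() {
    stat -f -c %T "$1" 2>/dev/null || echo unknown
}

# Return 0 if the path sits on a copy-on-write / log-structured filesystem,
# where an in-place overwrite is known not to reach the old data blocks.
fs_is_cow() {
    case "$(fs_type "$1")" in
        btrfs|zfs|f2fs|nilfs|nilfs2|overlayfs) return 0 ;;
        *) return 1 ;;
    esac
}

# Overwrite a file's bytes in place N times with random data (default 3),
# then once with zeros, flush, and unlink. conv=notrunc keeps the same
# inode and length so the existing blocks are rewritten, not new ones.
# GNU "shred -u -z FILE" does the same job with more passes by default.
wipe_file() {
    f=$1; passes=${2:-3}
    [ -f "$f" ] || return 1
    size=$(wc -c < "$f" | tr -d ' ')
    i=0
    while [ "$i" -lt "$passes" ]; do
        head -c "$size" /dev/urandom | dd of="$f" bs=4096 conv=notrunc 2>/dev/null || return 1
        sync
        i=$((i + 1))
    done
    head -c "$size" /dev/zero | dd of="$f" bs=4096 conv=notrunc 2>/dev/null || return 1
    sync
    rm -f "$f"
}
```

Run `fs_is_cow /path/to/file && echo "overwrite not reliable here"` before `wipe_file`, and treat a decrypted private key the same way as the decrypted data file.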