Ensuring That No One Can Access Deleted Data

Learn how to ensure that deleted data isn’t accessible.

Jan De Clercq

February 20, 2002


A recent security seminar speaker warned about the dangers of "data remanence" on computer systems. What is data remanence, and how can I protect my Windows NT systems against its dangers?

Data remanence refers to data that a computer system still stores after that data is theoretically no longer available. On an NT system, such data is stored in the Recycle Bin and the pagefile. For example, although a user might have deleted data, NT automatically stores a copy in the Recycle Bin. Users who aren't aware of this feature or who forget to empty the Recycle Bin might expose their deleted data to administrators or even to unauthorized users.

You can configure the Recycle Bin to not save a copy of deleted files by selecting the "Do not move files to the Recycle Bin. Remove files immediately when deleted" check box in the Recycle Bin Properties dialog box, as Figure 2 shows.

The pagefile is the system memory's overflow area on hard disk. Infrequently accessed code pages are written (i.e., paged) to disk to save memory for other programs. Intruders who bypass the NT OS might copy and analyze the pagefile to retrieve confidential memory data. Therefore, you should clear the pagefile when the system shuts down. Microsoft offers a registry change to do so. Add the ClearPageFileAtShutdown value (of type REG_DWORD) to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management registry subkey and set it to 1. (This registry change is also documented in the Microsoft article "How to Clear the Windows Paging File at Shutdown" at http://support.microsoft.com/default.aspx?scid=kb;en-us;q182086.)
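The following added example, which is not part of the original article, audits the registry setting described above and applies it only when it is missing, has the wrong type, or has the wrong data. It assumes a later Windows version with PowerShell 3.0 or newer and an elevated prompt; the function names are hypothetical.

```powershell
# Added example: audit and enforce ClearPageFileAtShutdown.
# Assumption: PowerShell 3.0+ on a later Windows release, run elevated.
$Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$Name = 'ClearPageFileAtShutdown'

# Hypothetical helper: report whether the value exists, its type, and its data.
function Get-PagefileClearState {
    $key     = Get-Item -LiteralPath $Path -ErrorAction Stop
    $present = $key.GetValueNames() -contains $Name
    $kind    = if ($present) { $key.GetValueKind($Name) } else { $null }
    $value   = if ($present) { $key.GetValue($Name) }     else { $null }

    [pscustomobject]@{
        Present   = $present
        Kind      = $kind
        Value     = $value
        # Compliant only when the value is a REG_DWORD set to 1.
        Compliant = ($present -and
                     $kind -eq [Microsoft.Win32.RegistryValueKind]::DWord -and
                     $value -eq 1)
    }
}

# Hypothetical helper: write the value only when the audit fails.
function Set-PagefileClearAtShutdown {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    $state = Get-PagefileClearState
    if ($state.Compliant) { return $state }

    if ($PSCmdlet.ShouldProcess("$Path\$Name", 'Set REG_DWORD to 1')) {
        # -Force replaces an existing value, including one of the wrong type.
        New-ItemProperty -LiteralPath $Path -Name $Name `
            -PropertyType DWord -Value 1 -Force | Out-Null
    }
    Get-PagefileClearState   # re-read so the caller sees the stored state
}

Get-PagefileClearState                  # audit only
# Set-PagefileClearAtShutdown -WhatIf   # preview the change
# Set-PagefileClearAtShutdown           # apply it
```

The type check matters because a value with the right name but a non-DWORD type would pass a name-only audit while not matching the setting the article describes.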
