Use a secure delete program to wipe those files off disk
If you do this, make sure you use a secure delete process that is compatible with the storage you are using.
Any 'secure delete' program that simply works by multiple writes to the file as defined by NTFS will do nothing to the underlaying data on most SANS and all SSD storage.
This is because most modern storage gets it performance by only doing writes and reads, and never does updates. When the OS wants to update a buffer full of data, the storage grabs some space from a free space pool and does the write to that. The original slot for the data on the storage device is then put in a garbage collection pool for recycling. The recycling process typically just marks the slot as empty and puts it back into the free space pool.
A 'secure delete' program that writes zeroes 5 times to the file space as defined by NTFS will only succeed in writing 5 sets of zeroes to the storage, leaving the original data untouched except for what garbage collection does.
Therefore if you want to do any form of secure delete that removes any trace of the bit pattern of the original data, you need something that can tie up the NTFS view and the storage device view of where the data is, and make sure the storage slots that hold the data get securely cleared. Most SAN vendors will supply such a program, but only as an extra-cost item to the basic SAN package.
If you have data on commodity SSD storage (eg OCZ, Crucial, Kingston, etc) the best way to do a secure delete is to put your SSD storage device into a furnace or a shredder.
Original author: SQL Server FineBuild 1-click install and best practice configuration of SQL Server 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005. 1 Dec 2016
: now over 39,000 downloads.
Disclaimer: All information provided is a personal opinion that may not match reality.
Quote: "When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist." - Archbishop Hélder Câmara