D-Secure - Advanced Data Security Solutions

Application Settings and Customization

Customize D-Secure File Eraser Network to align with your organization's security policies, compliance requirements, and operational workflows. Fine-tune erasure methods, configure trace removal preferences, and protect critical files from accidental deletion.

Understanding D-Secure Settings

D-Secure File Eraser Network provides comprehensive configuration options that let you tailor the software's behavior to match your specific security requirements and operational needs. Proper configuration ensures that erasure operations meet compliance standards (GDPR, HIPAA, DoD regulations) while maintaining efficient workflows for your IT team.

Settings are organized into four main categories: General Settings control overall application behavior, Erasure Algorithms determine how data is overwritten, Erase Traces Settings specify what digital footprints to remove, and Ignore File Lists protect important files from accidental erasure. All settings are saved automatically and apply globally across the application unless overridden for specific tasks.

Accessing Settings:

Click the Home ribbon tab, then click the Settings button. The Settings dialog opens with tabbed navigation for each category.

General Settings

General Settings control the core operational behavior of D-Secure File Eraser Network. These settings affect how the application interacts with your network, performs erasure operations, and presents information to users. Navigate to Home → Settings → General tab to configure these options.

Network Connection Status Check

Purpose: Automatically verify network connectivity to target computers before attempting erasure operations.

How it works: When enabled, D-Secure pings each selected computer to confirm it's online and accessible before initiating file scans or erasure. This prevents wasted time attempting operations on offline machines.

Recommendation: Enable this for large networks where computers may be offline. Disable if you're working on a small network where all computers are reliably connected, as it saves a few seconds per operation.

Default Erasure Algorithm

Purpose: Set the data overwriting method used by default for all erasure operations.

How it works: This algorithm is pre-selected whenever you start a new erasure task. You can always change it for specific operations, but having a sensible default speeds up routine work.

Most Common Choices:

  • Small Businesses: DoD 5220.22-M (3 passes) - excellent security, reasonable speed
  • Government/Military: DoD 7-pass or Gutmann (35 passes) - maximum security
  • Quick Internal Cleanup: Zeroes (1 pass) - fast but less secure
  • Compliance (NIST): NIST 800-88 Clear - meets modern data sanitization standards

Verification Method

Purpose: Determine how thoroughly the software verifies that data was properly overwritten after erasure.

Options Explained:

No Verification (Fastest)

Skips verification entirely. Use for non-sensitive data where speed is more important than absolute certainty. Erasure still occurs, but you rely on the algorithm without double-checking.

Random Verification (Balanced)

Samples random sectors from erased areas to verify overwriting. Good compromise—catches most issues without significantly impacting time. Recommended for most business use.

Total Verification (Most Secure)

Reads every sector to confirm proper overwriting. Required for highly sensitive data and compliance with strict regulations. Doubles operation time but provides absolute certainty.

Confirm to Proceed (Safety Dialog)

Purpose: Display a final confirmation dialog before irreversible erasure begins.

How it works: When enabled, after you select files and click "Erase," a dialog appears asking "Are you sure? This cannot be undone." You must click "Yes, Erase Now" to proceed. This prevents accidental clicks from triggering permanent data loss.

Recommendation: Leave enabled for safety, especially if multiple administrators use the software. Experienced power users working on routine tasks may disable it for faster operations, but use caution.

Show File Size in Details Pane

Purpose: Display file sizes alongside file names in the browsing interface.

How it works: When browsing remote computers' file systems, enabling this adds a "Size" column showing each file's size in KB, MB, or GB. Useful for identifying large files that may take longer to erase.

Tip: Enable if you frequently need to estimate erasure times based on file sizes. Disable to declutter the interface if you primarily erase by traces rather than individual files.

Erasure Algorithms Library

D-Secure File Eraser Network includes 17+ industry-standard erasure algorithms developed by government agencies, military organizations, and security researchers worldwide. Each algorithm uses different overwriting patterns and pass counts to ensure data cannot be recovered. Choosing the right algorithm balances security needs with time constraints—more passes provide higher security but take proportionally longer.

Complete Algorithm Reference

Military & Government Grade

DoD 5220.22-M (3 passes ECE)

US Department of Defense standard. Most popular - excellent security with reasonable speed.

DoD 5220.22-M (7 passes)

Extended DoD standard with additional passes for higher security.

DoD 5200.28-STD (7 passes)

DoD Rainbow Series standard for classified material.

US Army AR380-19 (3 passes)

US Army regulation for handling sensitive information.

NATO (7 passes)

North Atlantic Treaty Organization data sanitization standard.

AFSSI 5020 (3 passes)

US Air Force System Security Instruction standard.

International Standards

NIST 800-88 Clear

US National Institute of Standards - modern sanitization guideline, widely accepted.

GOST R 50739-95

Russian government standard for information security.

German VSITR (7 passes)

German Federal Office for Information Security standard.

British HMG IS5 (3 passes)

UK Her Majesty's Government infosec standard.

RCMP TSSIT OPS-II (4 passes)

Royal Canadian Mounted Police Technical Security Standard.

Advanced Algorithms

Gutmann (35 passes)

Most secure option. Developed by Peter Gutmann. Extremely thorough but very slow.

Schneier (7 passes)

Created by cryptographer Bruce Schneier - balanced security.

Pfitzner (33 passes)

Roy Pfitzner method - very high security with 33 specialized passes.

Basic/Fast Algorithms

Zeroes (1 pass)

Overwrites with zeros. Fastest option. Suitable for non-sensitive internal cleanup.

Pseudo-Random (1 pass)

Overwrites with random data. Slightly better than Zeroes, still very fast.

Choosing the Right Algorithm

Speed vs. Security Trade-off: More passes = higher security but longer time. A 100GB hard drive erased with Zeroes (1 pass) might take 30 minutes, while Gutmann (35 passes) could take over 15 hours.

General Guidance: For most business scenarios, DoD 5220.22-M (3 passes) provides excellent security with acceptable speed. Reserve Gutmann and 33-pass methods for exceptionally sensitive data where time is secondary to complete assurance. Single-pass methods are fine for routine cleanup of non-confidential data.

Verification Methods Explained

Verification is the process of confirming that data has been properly overwritten after erasure completes. While erasure algorithms are highly reliable, verification provides additional assurance for audit trails and compliance reporting. The verification method you choose impacts total operation time and the level of certainty you receive.

1

No Verification

Fastest • No additional time • Lowest certainty

The erasure algorithm runs, but no verification pass occurs afterward. The operation completes immediately after the final overwrite pass finishes. You trust that the algorithm worked correctly without double-checking.

When to use:

  • Erasing non-sensitive data (temporary files, caches, non-confidential documents)
  • Time is critical and you need maximum speed
  • Initial cleanup passes before more thorough erasure
  • You have high confidence in your hardware (no known disk errors)
2

Random Verification (Recommended)

Balanced • +10-15% time • Good certainty

After erasure completes, D-Secure randomly samples sectors across the erased area and reads them to verify they contain the expected overwrite pattern. Typically checks 5-10% of total sectors, which catches most potential issues while adding minimal time.

When to use:

  • Most business and corporate data erasure scenarios
  • When you need reasonable assurance without significant time penalty
  • Meets many compliance requirements (GDPR, SOX, HIPAA general provisions)
  • Good balance for daily administrative tasks

✓ This is the default recommendation for 90% of use cases

3

Total Verification (Maximum Security)

Slowest • +100% time • Absolute certainty

Reads every single sector in the erased area to confirm proper overwriting. Essentially doubles the operation time since it must read back everything that was written. Provides mathematical certainty that erasure completed correctly—catches even rare hardware errors.

When to use:

  • Highly sensitive data (classified information, financial records, healthcare data)
  • Strict compliance requirements (DoD, NIST 800-88 Purge, PCI-DSS highest levels)
  • Legal or forensic scenarios where you need absolute proof
  • When generating audit reports for external regulatory review

⚠️ Time consideration: 100GB might take 2-4 hours with verification vs. 1-2 hours without

Erase Traces Configuration

Digital traces are the footprints left behind by your operating system, applications, and internet browsing. These traces can reveal what files you accessed, websites you visited, applications you used, and searches you performed—even after the original files are deleted. D-Secure's Erase Traces feature removes these digital breadcrumbs to protect privacy and comply with data protection regulations. Configure which traces to remove by navigating to Settings → Erase Traces.

INTERNETInternet Activity Traces

Modern web browsers store extensive records of your online activity. Each browser has independent trace storage, so you must configure settings separately for each installed browser. D-Secure detects and supports all major browsers automatically.

Supported Browsers:

  • Microsoft Edge (Chromium & Legacy)
  • Google Chrome
  • Mozilla Firefox
  • Internet Explorer (all versions)
  • Apple Safari (Windows)
  • Opera
  • SeaMonkey

What Gets Erased:

  • Browsing history (URLs visited)
  • Cache files (images, scripts)
  • Cookies and tracking data
  • Download history
  • Saved passwords (optional)
  • Form autofill data
  • Session data

Important: Close all browsers before erasing traces for best results. Open browsers may regenerate some traces immediately or lock files preventing erasure.

APPLICATIONSApplication Traces

Desktop applications create traces similar to browsers—recording recent files, search history, and usage patterns. These traces can expose sensitive business information long after the actual files are deleted or moved.

📧 Email & News Clients

Erases recent contacts, search history, and temporary file caches from Outlook, Thunderbird, and similar applications. Does NOT delete actual emails—only traces of email activity.

🔄 P2P File Sharing

Removes download histories and shared file lists from BitTorrent clients, eMule, and similar peer-to-peer applications.

📄 Microsoft Office Recent Files

Clears the "Recent Documents" list from Word, Excel, PowerPoint, and other Office applications. Prevents others from seeing what files you've been working on.

💬 Chat & Messaging

Removes conversation logs, contact lists, and file transfer histories from Skype, Teams, and other messaging applications.

SYSTEMWindows System Traces

Windows operating system creates numerous traces during normal operation. These system-level traces can reveal computer usage patterns, installed software, and file operations performed.

Recycle Bin

Permanently erases all files in Recycle Bin across all drives

Temporary Files

Cleans Windows Temp folder, user temp, and application temp directories

Memory Dumps & Crash Reports

Removes crash dump files that may contain sensitive data from RAM

Windows Event Logs

Clears Application, Security, and System event logs (use carefully—needed for troubleshooting)

Most Recently Used (MRU) Lists

Removes Windows Recent Items, jump lists, and "run" command history

Windows Update Cache

Cleans downloaded update files and installation logs

Ignore File List (Protection)

The Ignore File List is a crucial safety feature that protects important files and folders from accidental erasure. Any item you add to this list will be automatically skipped during all erasure operations, regardless of whether it's manually selected or caught in a broader selection. This prevents catastrophic mistakes like erasing critical system files or important business documents. Use this to create a safety net around your most valuable data.

Adding Items to Ignore List

1

Access the Ignore List: Navigate to Home → Settings → Ignore File List tab

2

Click Add Items: The Add dialog appears with three protection options

3

Choose Protection Type: Select how you want to protect files

By File Extension

Protect all files with specific extensions across all locations. Example: Adding .pdf protects all PDF files everywhere.

Best for: System files (.dll, .sys), important document types (.xlsx, .docx), database files (.mdb, .accdb)

By Specific File Name

Protect files with exact names, regardless of location. Example: Adding important-client-data.xlsx protects that specific file everywhere.

Best for: Critical configuration files (config.ini), license files (license.dat), unique important documents

By Folder Name/Path

Protect entire directories and all their contents. Example: Adding C:\CriticalData protects everything inside.

Best for: System folders (Windows, Program Files), backup directories, project folders, database directories

4

Save and Verify: Click OK to save. The items appear in your ignore list and are immediately protected

✅ Recommended Additions

  • System file extensions: .dll, .sys, .exe (Windows folders)
  • Company-specific critical file types
  • Database folders: SQL Server data, MySQL data
  • Backup directories
  • License/activation files

🔄 Managing the List

  • Select any item and click Remove to unprotect
  • Export list to CSV for backup/documentation
  • Share ignore lists across multiple computers
  • Review quarterly to remove outdated entries

Critical Warning

Items in the ignore list are ALWAYS skipped during erasure—even if you explicitly select them. This is intentional for safety, but can be confusing if you forget something is on the list.

If you need to erase a protected item, you MUST remove it from the ignore list first. There is no override option to prevent accidental erasure of protected data.

Settings Best Practices & Recommendations

⚙️ Regular Reviews

Audit settings quarterly to ensure they align with current security policies and compliance requirements. Update algorithms if new standards are mandated.

🎯 Match Security to Data

Use high-security algorithms (DoD 7-pass, Gutmann) for sensitive data. Use faster algorithms (Zeroes, DoD 3-pass) for routine non-confidential cleanup to save time.

📝 Document Configuration

Screenshot your settings or export configurations for compliance documentation. This proves due diligence during audits.

🧪 Test Before Production

Test new settings on non-critical test data before deploying to production systems. Verify expected results and timing.

🛡️ Maintain Ignore Lists

Keep ignore list updated with critical system paths and business-critical file types. Remove obsolete entries to prevent bloat.

👥 Train Administrators

Ensure all administrators understand the implications of each setting. Misconfigurations can lead to insufficient security or excessive operation times.