hard drives

What are they?

Hard drives are probably the most common storage devices for computer data.  They range from very small units inside portable devices (such as Apple iPODs and other music players), to medium-sized hard drives inside almost every personal computer, to large-capacity drives that provide storage for server computers.

The common factor is that all hard drives contain one or more rapidly-spinning rigid magnetic disk(s), over which a moving arm hovers to read and write data.  What do we mean by rapidly spinning?  From 4,000 to 10,000 revolutions per minute (RPM) or faster.

What do we mean by small and large?  The smallest hard drives contain disks less than an inch in diameter, but manage to hold several gigabytes of data.  (A gigabyte is a 1000 megabytes)  Two-inch drives, also used in portable devices, can contain 50 or more gigabytes.   Standard PC laptop and desktop drives in the 2.5- and 3.5-inch sizes hold tens to hundreds of gigabytes.  Arrays of hard drives for servers can store many terabytes (thousands of gigabytes) or even petabytes (thousands of terabytes) of data.

Hard drives can be contrasted with solid-state storage devices like flash drives, that rely on memory chips rather than spinning disks to hold data.  (Apple iPod Nano and Shuttle models, for example, currently rely on flash drives rather than micro hard drives.)

Hard drives can also be differentiated from the storage media that use spinning non-rigid -- that is, "floppy" -- magnetic disks.  CDs and DVDs spin too, of course, but use optical methods rather than magnetic recording for data storage.

When purchasing a PC  you usually have a choice of hard drive capacity.  How much is enough?   If you mostly use your computer for text documents -- and only a small quantity of images, sound recordings or movies -- a drive with 30 to 50 gigabytes should be more than adequate. 

If you want to store lots of other-than-text content, get more gigabytes.  Fortunately, additional hard drive capacity is relatively cheap.  But, per the discussion below, remember that whatever you store you must also back up.

The speed with which a hard drive can read and write data is also a critical performance factor.   In general, faster rotation speeds are better -- e.g., 7,200 RPM drives have better performance than 5,400 RPM drives of the same approximate age.   Sometimes you will see a specification for "seek time" -- roughly, the average time required for the hard drive's read/write arm to be moved to the correct position on the disk's surface.   Shorter seek times are better.

Hard drive specifications include a somewhat bewildering array of abbreviations -- ATA, PATA, SATA, IDE, EIDE, SCSI -- that describe the standard to which the drive adheres.  Newer standards allow for faster communications between the hard drive and other computer components.  In general, avoid older drives, as performance improves (often dramatically) with every generation. 

Hard drives are ruggedly constructed, particularly those designed for use in portable devices.  But the reality is that any device designed with moving parts that operate at such high speeds and fine tolerances is prone to failure.  (By contrast, solid state memory devices like flash drives tend to be much more robust.)

Hard drive failures can be limited to bad areas ("bad sectors") on the disk, that reduce the capacity of the drive.  Or the failure can be catastrophic, such as a "crash" of the read/write arm onto the disk surface, resulting in a loss of all or almost all of the data on the drive.  Sometimes there is a warning of impending problems.  Often there is not.  Data recovery, if it is possible at all, may be expensive.

What is the fix?  First, you should never rely on a hard drive for your only copy of important, hard-to-replace data.  Keep a backup copy on another drive (such as an external plug-in hard drive), a flash drive, or an optical disk (CD or DVD).

"Internal" hard drives, as their name implies, reside inside the computing device for which they provide storage.  So they are as secure -- or insecure -- from intruders as that device.  In the case of PCs kept in controlled-access offices, that's generally pretty secure. 

In the case of portable computers like laptops, notebooks, PDAs and smart phones, the possibility that the device can be lost or stolen means the disk drive inside is vulnerable.  "External" hard drives, designed to be carried around and plugged in to a computer using a USB or Firewire connection, share the same insecurity.

In general, you should not carry around large amounts of sensitive data on any portable computer or data storage device, for the same reason you shouldn't carry around a large amount of money.  It's too risky.

If a person can gain access to your hard drive -- e.g., by removing it -- it is a relatively easy matter to plug it in to another computer and read the information from it.  This is true even if you've set a password for your computer or other device.  Password-cracking and password-bypass software are readily available to those that seek it.

Encryption methods can prevent access to data should the drive be compromised.  Add-on encryption software solutions generally require that you pick a password, which is then used along with an encryption algorithm to scramble the data.   The usual considerations for password security apply.   Windows 2000 and XP Professional have a built-in encryption capability called the Encrypting File System (EFS), which can be used for individual files or folders.

Hard drives containing obsolete data can be overwritten, erased or destroyed for data security.  (For more, see our discussion of secure data disposal methods.)  Software can also be installed that allows for remote deletion of files on a compromised device the next time it is used on the Internet.  If you must carry sensitive data on a portable, consider adding this protection. 

Your organization may also offer access to server-based files, that reside on the hard drives located in an organization's data center.

With each passing year, hard drives are able to deliver ever greater capacity, at an ever cheaper cost per stored byte.  However, the capacities and costs of solid-state flash drives are also improving each year, and they present a compelling alternative for smaller data volumes.

The break point is constantly shifting.  At the time of this writing, flash drives probably have the edge for volumes of 1-2 gigabytes or less, particularly where portability or somewhat greater resistance to damage are important.  For more than a few gigabytes, hard drives retain the edge.

Look for hard drives to naturally evolve into solid-state storage as technology advances and production costs improve.  What does this mean to you?  Essentially -- more data on smaller devices, that have no moving parts to fail, which can be read/written to faster.  We also believe that over time, next generation DVD and other storage devices will look more like flash memory sticks; more portable and less prone to damage from the elements.

High volume storage where re-writing is not needed, such as for archival backup copies, can more cheaply use write-once optical media like CD-Rs, DVD-Rs and DVD+Rs.  The long-term productive life of optical media like CDs and DVDs is claimed to be many decades (though this has not been clearly established).  Even so, you should not rely on optical media -- or any other kind of media for that matter -- for your only backup copy of important data.

Whatever data storage medium you use, be sure to keep it in a physically secure place, as safe as possible from human and environmental threats.

Hard drives (Wikipedia)
An overall description of how they work, with links to every conceivable technical detail

Protecting Portable Devices: Physical Security (US-CERT)
Basic steps for keeping your portables physically safe, including the hard drive inside it

Protecting Portable Devices: Data Security (US-CERT)
Basic steps for protecting the data on portables, including data on the hard drive

Last modified: 23-Apr-2006 [RC]