How to delete files securely and completely in Windows 11 using SDelete

Complying with DoD standards for securely deleting files in Windows 11 requires the use of a special application. Luckily, Microsoft makes one available for free in Sysinternals.

Previously, we discussed how to delete files and overwrite them with random numbers using the format command in Windows 11. While effective in a pinch, this method does not meet the most stringent requirements for securing storage devices containing sensitive data. To fulfill these requirements we will have to download and use a special application designed for this task.

SEE: 100+ IT Policies Available for Download (TechRepublic Premium)

The SDelete command line application is part of the free set of tools and utilities supported and sanctioned by Microsoft known as Sysinternals. SDelete can be used to securely overwrite deleted files as well as securely erase all file data present in the unallocated parts of a hard drive. The utility app is specifically designed to meet US Department of Defense guidelines for wiping and sanitizing storage media.

Note: SDelete also works with Windows 10, Windows 8, Windows 7, Windows Vista and Windows Server 2008 and later.

Safely and completely delete files in Windows 11 with SDelete

Download SDelete for free from the Microsoft Sysinternals website. Extract the executable files found in the ZIP file to the C:\Windows\System32 folder (Figure A) on your system disk.

Figure A

SDelete does not delete files, it overwrites deleted files. This is an important but subtle distinction to understand. SDelete does not delete files itself.

As you might have guessed, SDelete requires administrator access and credentials. Make sure you open the command prompt that you will use for SDelete commands in administrator mode. Type “command prompt” in the Windows 11 desktop search tool and select “Run as administrator” from the list of options as shown in Figure B

Figure B

As a command line application, SDelete requires parameters and switches to function properly. The basic syntax for SDelete is:

sdelete -p -s -s [File or folder to operate on]

Available command parameters include:

• -c: Clean up free space. Specify an optional amount of disk space to be left free for use by a running system.
• – p: Specifies the number of overwrite passes (default is one).
• -r: Remove read-only attribute.
• -s: Recursive subdirectories.
• -e.g: No free disk space (good for virtual disk optimization).

The US Department of Defense standard 5220.22-M, as specified in the National Industrial Security Program Operating Manual (NISPOM), requires three overwrite passes with an additional 100% verification pass. The updated DoD 5220.22-M ECE method requires seven passes. To meet these two standards, we would issue these SDelete commands:

sdelete -p 3 -r -s C:\SensitiveData

sdelete -p 7 -r -s C:\SensitiveData

To overwrite and clean up all previously deleted files on a drive without deleting current files, we would use the wipe free space (-c) parameter. For example, to overwrite all previously deleted files on drive D: we could use this command:

sdelete -p 3 -c D:

Although there are third-party applications available in the market that can securely erase files, they basically use the same method as this free Microsoft utility. Why pay for a useful tool when you can download one for free?