Advances in technology and the emergence of new data storage devices have led that data destruction has become a more complex issue because there are new aspects to it. This blog summarizes the current trends in data destruction.
The Emergence of New Data Storage Devices
Flash memory-based data storage devices with high capacity, small size, and fast data processing speed are now available. They have different physical properties than traditional magnetic hard drives. Even magnetic hard drives have changed—they have higher capacity and different physical properties than previous ones. Flash memory-based data storage devices exist in various forms, such as USB flash drives, external hard drives, etc. They are also built into laptops, tablets, and smartphones. In addition, large amounts of data are now stored in cloud systems, which sometimes need to be wiped clean as needs are. Data destruction processes need to be adapted to suit the newest data storage models.
New Media Sanitization Standard
As data storage devices diversify and technology advances, it is no longer possible to define a media sanitization method as a standard for all. In the United States, DoD 5220.22-M, which was recommended as the standard for disk-wiping algorithms, is officially no longer valid. NIST SP 800.88 Rev. 1, titled “Guidelines for Media Sanitization”, has taken its place. This document defines three categories of media sanitization: clear, purge, and destroy. It also provides minimum requirements and guidelines for each media sanitization category and each storage device. Every organization should refer to it to establish and implement its own media sanitization policies and procedures.
One-Pass Overwrite Is Sufficient
For the latest magnetic hard drives, the Guttman method (35-pass overwrites) and the DoD method (3- or 7-pass overwrites), which have long been recognized as international de facto standards, are no longer needed. Studies show that one-pass overwrite is sufficient. With the use of much higher density than in the past, the likelihood of recovering the original information using a magnetic force microscope is diminished. Indeed, there have been no reported cases of anyone using this manner to recover overwritten data. Nevertheless, many organizations are still using old overwrite standards, even though it seems like a ‘traditional ritual,’ which is an overkill.
Data Destruction Using Dedicated Sanitize Commands
Flash memory-based data storage devices, such as SSDs, provide dedicated sanitize commands which write and erase significantly faster than overwrite methods in magnetic hard drives. Overwriting flash-memory-based data storage devices dramatically shortens their lifespan. Also, the physical storage area that stores the actual data and the logical storage area that can be accessed by the software are distinct, so even if the software overwrites something on the drive, the old data may remain in a different area. The user needs to know the available commands for each storage device, to make sure every storage area of the device is wiped clean.
Cryptographic Erase (CE) Method
CE encrypts stored data and removes the encryption key, making the data irrecoverable. This process is faster and more efficient than erasing data, and CE is a good method to sanitize partial data in the cloud system as well. However, to use CE one must ensure that all encryption keys have been deleted completely and that all data has been encrypted. In addition, NIST SP 800.88 recommends that users consider the following when deciding whether to use CE: 1) whether encryption keys are generated in a proper manner, 2) whether the encryption the media to protect the data is strong enough, and 3) whether the security level of the encryption key and the wrapping technique are appropriate for the CE. In a nutshell, CE can be very efficient if used correctly, but it is difficult to verify that it has worked.
Limitations of Degaussing
A degausser cannot wipe out all storage devices. Flash-memory-based storage devices, for example, cannot take advantage of a degausser because their data is not damaged by magnetic shock. Some of the latest magnetic hard drives also have high coercivity, so data managers should make sure that their existing degausser actually works on the device they wish to erase.
The higher the density of a flash memory chip, the greater the chance of data recovery, unless it is shredded into pieces that are much smaller than the original device. In addition, since the flash memory chip is very hard, it is easy to damage the grinder, which may need a replacement of its parts or of the entire machine. Finally, physical destruction can generate harmful substances that must be handled carefully. Overall, the cost of physical destruction has been increasing.
The Importance of Software Wiping
NIST 800.88 recommends selecting a data erasure method according to three categories (clear, purge, and destroy) depending on the confidentiality of the data and whether the device is reused or controlled in the organization. As a result, organizations need to be selective and capable of different erasure methods, including software wiping, degaussing, and physical destruction.
It is widely recommended to have clearly defined software-wiping policies and procedures in an organization. For maximum security and convenience, organizations should undertake software wiping before reusing storage devices, even for devices that are slated for complete disposal. Outsourcing the entire data destruction process increases the likelihood of data leakage because the storage device must pass through the hands of several people before the data is erased completely. Thus, software wiping, which is less expensive than degaussing or physical destruction, is an essential requirement in an organization.
Secudrive Drive Eraser
Secudrive Drive Eraser provides suitable sanitization and verification methods for a variety of media. It provides ATA commands for SSDs as well as overwriting of magnetic disks. The hexadecimal view verifies the data before and after wiping. Furthermore, after the deletion, logs on computers, storage media, and wiping information are automatically generated. The logs can then be output as tamper-resistant reports and stored in various file formats for easy integration in the organization’s IT asset management system.