Secure Erase

WHAT IS SECURE ERASE?

Secure Erase* is an erasure command feature embedded into virtually all ATA drives manufactured since 2001. Originally mandated by the NSA, it provides a firmware-based process that allows the hard drive to erase all data on the drive. The firmware command was developed by the University of California at San Diego’s Center for Magnetic Recording ResearchCenter for Magnetic Recording Research. According to the University’s website, the Secure Erase feature “completely erases all possible user data areas.”

The ANSI T-13 committee which oversees the ATA (also known as IDE) interface specification and the ANSI T-10 committee which governs the SCSI interface specification have incorporated Secure Erase (SE) into their standards.

WHAT DOES THAT MEAN IN THE REAL WORLD?

The ANSI T-13 committee which oversees the ATA (also known as IDE) interface specification and the ANSI T-10 committee which governs the SCSI interface specification have incorporated Secure Erase (SE) into their standards.

WHAT DOES THAT MEAN IN THE REAL WORLD?
Compared to other hard drive sanitization methods, Secure Erase is the only technique that purges all the data stored on a hard disk drive using internal commands.

Until recently, the de facto standard for high security hard drive sanitation has been DOD 5220 (Department of Defense), a standard that specifies multiple block overwrites. This technology is generally classified as “clear”. This method requires custom software and can take days to complete on a large drive. The PC hosting the drive is also out of service for the duration.

The release of NIST Special Publication 800-88 (Guidelines for Media Sanitization) in 2006 has essentially established a new standard for purging data from hard drives. In this document, NIST rates Secure Erase and Degaussing methods higher than the software overwriting or “clear” technology, at the highest level of security that doesn’t destroy the hard drive itself.

Degaussing is a magnetic process that destroys the data but also destroys the drive, whereas Secure Erase allows the drive to be reused. Secure Erase is also distinguished from various freeware and commercial software overwrite products in that it uses internal commands embedded in the HDD by the manufacturer. This allows it to process at the speed of the drive, rather than the clock speed of the PC. Secure Erase is virtually always faster than software clears, in many cases significantly faster.

Despite the effectiveness of Secure Erase, there is one downside: hard drive manufacturers have made it difficult to access the command. This makes sense, in that the command could be exploited by malware or a virus on active storage devices. Therefore, most hardware manufacturers have protected their products from easy access by the user.

However, IT security experts have now developed commercial products that quickly and easily initiate Secure Erase for the purpose of hard drive sanitation. The front runner in this category is CPR Tools’ Hammer, which incorporates a number of verification tools and other functions. With roots in the hard drive manufacturing industry, CPR Tools is now one of the nation’s foremost forensic data recovery experts, and numbers a wide range of government security and law enforcement agencies among its clients.

You may also download free DOS-based software** from the University of San Diego.

* The Secure Erase command is distinguished from the generic marketing term “secure erase” used by vendors of software overwrite products.

** Neither UCSD nor the NSA currently offers support for this software).