HDD Erasure

NIST specifies several methods for erasing data from hard drives

CURRENT TOPIC:

• G-List Hard Drive Sectors Still Contain Data

KEY LINKS:

• Comparison of Hard Drive Erasure Methods Best Practices
• Download NIST Guidelines for Media Sanitization
• What about data hidden in defective sectors

With the increase in concerns about data security at nearly every level of enterprise, knowledge concerning how to permanently erase data from PC and server hard drives has improved. For example, most people understand that simply deleting a file on a computer only removes the pointers to the data, and not the data itself. Deleted files can be easily retrieved by anyone using ordinary recovery software.

Likewise, reformatting and installing a clean version of Windows leaves most old files behind. Many will be overwritten during the installation, but a significant number can usually be recovered with professional software. As is the case with deleting, these files have been hidden rather than eliminated.

So if you plan to decommission a hard drive – whether to replace with a larger one, reuse it, donate it or recycle it, what methods exist that provide absolute assurance that all data has been removed beyond the possibility of forensic recovery?

The National Institute of Standards and Testing (NIST) provides perhaps the most authoritative resource available in the form of Special Publication 800-88. Entitled Guidelines for Media Sanitization, which includes best practices recommendations for the elimination of electronic data on CDs, Hard Drives and other electronic media.

The report specifies physical destruction methods at the highest level of security. Such methods include shredding, disintegration, incineration, pulverization or melting, which destroys destroys the media itself. Offsetting the high security level are two downsides of physical destruction methods. The first is that the drive can no longer be used, a negative factor as the world moves toward more green solutions. The second is that physical destruction can’t provide audit trails proving that specific data has been destroyed.

For high security scenarios, many IT Security practitioners are moving toward a combination of firmware-based erasure combined with shredding. Secure-erase devices provide legally defensible audit trails (more below), which physical destruction cannot.

Next in the ranking is what is known as Security Erase purging. This firmware based process is actuated by hardware devices that connect directly to the hard drive. Developed by the NSA, Security Erase is a firmware based protocol embedded in most ATA/SATA harddrives. It’s primary advantages are that the hard drive is still usable after purging, and it is able to provide a printed audit trail for situations in which certification is desirable.

Just below Security Erase is Degaussing, an technology that deploys a powerful magnetic field to destroy all magnetically recorded data. Because degaussing renders the drive unusable, it does not lend itself to recycling. More information on degaussing is contained in the following chart.

The next level of data erasure is generally referred to as “wiping” or software overwrite. This erase method writes patterns of meaningless data (0’s and 1’s) over existing data, essentially replacing it with random information. Software overwriting is generally time consuming – especially for commercial or high volume applications. There are a wide range of software overwrite solutions, from free to rather pricey. Higher end products in this category are able to provide audit trails.

For a more comprehensive comparison of HDD erasure methods, please visit this link.