Javascript Menu by Deluxe-Menu.com

destruct data security and destruction solutions
TODAY'S TOPICS

  • How Blue Cross Blue Shield Could Have Saved $7 million

  • gRase Erases Hard Drive Data on "G-Listed" Bad Sectors

  • NAID Announces Certification for Secure Erase.

  • HITECH Act Increases Penalties for HIPAA Non-Compliance
    • Hard Drive Sanitization Methods
    The summaries on this page are based on National Institute for Testing and Standards
    (NIST) Special Publication 800-88: Guidelines for Media Sanitization.
    Method / Description Security Level Advantages Disadvantages
    Physical
    Destruction:

    hammer scsi hammer and psiclone

    Disintegration, incineration, pulverization or melting in order to completely destroy the media itself.     		Physical Destruction of media is the ultimate form of sanitization. After media are destroyed, they cannot be reused as originally intended.
  • Highest level of security: assures that data is unrecoverable by any means.
  • Large amounts of media can be destroyed at once
  • Different types of media can be destroyed simultaneously
  • Cannot provide verification of the destruction process as required for regulatory compliance unless electronic data purges also take place prior to physical.
  • Hard drive or other media is no longer usable; econmically wasteful, environmentally questionable.
  • Typically outsourced to a metal destruction or incineration facility, which may compromise control.
  • Specific safety, hazmat, and special disposition requirements.
    • Firmware Based Security
    Erase or Purge:
    hammer scsi hammer

    Hardware-based solutions connect directly to the hard drive and implement an erasure command that erases data but allows the drive to be redeployed. Many hardware solutions use the Secure Erase protocol developed by the NSA for ATA/SATA harddrives.     		Highest security rating that does not involve physical destruction of the hard drive.
  • Does not destroy hard drive; the drive may be reused or sold.
  • Portable solutions are effective for on-site purging because no software need be loaded onto the PC.
  • Green solution uses less energy than other methods.
  • Can be significantly faster than clear methods (software overwrite).
  • Provides Certification and a defendable audit trail.
  • No safety or hazmat issues.
  • Some solutions require that drives be physically removed from the PC.
    • Software Overwrite (Clear)
    software clear

    Software based data destruction deploys a special application to write patterns of meaningless data (a combination of 1s and 0s) onto the drive, usually requiring several passes. The older, Department of Defense standard requires 3 levels of overwriting.     		Rated by NIST as equal to firmware-based purging (above)
  • Hard drive may be re-used.
  • May be deployed over a network.
  • Widely available commercially or as freeware for low volume requirements.
  • Some solutions offer validation and reporting utilities.
  • Viable for in-house computers.
  • Not a scalables solution; inappropriate for enterprise wide compliance programs.
  • Costly in terms of electrical requirements.
  • May be time consuming, especially for multiple passes.
  • Not portable for off-site hard drive sanitization.
  • Not usable if the hard drive is damaged or is not writeable.
  • Not all overwriting tools are able to erase data on the locked/hidden sectors, thus compromising data security.
  • Most overwriting programs access the drive via the BIOS, resulting in incomplete erasure.
  • Many freeware/shareware tools exist which perform an incomplete erasure putting a company at risk of a data breach.
    • Degaussing
    degaussing solutions from Destruct Data

    Deploys a powerful magnetic field to destroy all magnetically recorded data.     		Highest security rating that does not involve physical destruction of the hard drive (although the hard drive is rendered unusable).
  • Capable of destroying all the data on the hard drive, especially older units (especially hard drives that require a weaker electromagnetic field).
  • Relatively fast process.
  • Can also be used to destroy data on other magnetic media.
  • Destroys hard drive permanently; not a "green" solution.
  • Cannot provide verification of the destruction process as required for regulatory compliance.
  • May be less effective on newer drives with thicker shielding.
  • Drive must be physically removed from the PC.
  • Degaussing machines are costly and may damage nearby equipment.
  • Generally requires a third-party vendor and may compromise care, custody and control protcol.
    • Deletion
    deleting files from your computer doesn't delete files from your computer

    Removes pointers to files without actually destroying the data.     		Not considered by NIST as a viable means of removing data
  • Easy
  • Allows easy access to files and should not be considered secure solution.
    • Cypher Ultra Portable Electronic Media
    Cypher Ultra-Portable
    Media Erasure Kit

    enterprise level data purging
    Enterprise Sanitization: Rackmount / Portable / Custom

    hammer sanitizes up to four ATA hard drives simultaneously without destroying the drives
    Erases ATA hard drives securely, allows re-use.

    scsi hammer erases up to 30 SCSI hard drives in raid shelves
    Quick, Economical Hard Drive Erasure