sviko.com

Comparison of Secure Erase and other data removal methods in government agencies

A data cleaning method is the specific procedure by which a data destruction program or file shredder overwrites the data on a hard disk or other storage device so that the stored data is securely destroyed and cannot be recovered.

Technically, there are other ways of destroying data that do not rely on overwriting the sectors of the media, such as shredding the media, degaussing hard drives, or incinerating hard drives and SSDs. As a rule, though, the term "data cleaning" refers to software methods of removing information.

List of data cleaning methods

Here are some popular data cleaning methods used by data destruction programs:

  • Secure Erase (industry standard; the ATA SECURITY ERASE UNIT command)
  • DoD 5220.22-M (US Department of Defense)
  • NCSC-TG-025 (US National Computer Security Center)
  • AFSSI-5020 (US Air Force)
  • AR 380-19 (US Army)
  • NAVSO P-5239-26 (US Navy)
  • RCMP TSSIT OPS-II (Canada)
  • CSEC ITSG-06 (Canada)
  • HMG IS5 (United Kingdom)
  • ISM 6.2.92 (Australia)
  • NZSIT 402 (New Zealand)
  • VSITR (Germany)
  • GOST R 50739-95 (Russia)
  • Gutmann (Peter Gutmann)
  • Schneier (Bruce Schneier)
  • Pfitzner (Roy Pfitzner)
  • Random data
  • Write Zero (zero-fill)

Most data destruction programs also let you define your own data cleaning method with any overwrite pattern and any number of passes. For example, a program might overwrite the data with zeros on the first pass, with ones on the second pass, and then with random characters for eight more passes.

What is the best method of data cleaning?

Overwriting one or more files, or the entire hard drive, just once with a single character (a one or a zero) is enough to prevent recovery of the data by any file recovery software. Research on modern magnetic drives (and the current NIST SP 800-88 guidance) indicates that a single overwrite pass also defeats laboratory recovery techniques, which means most multi-pass data cleaning methods are overkill.

Most experts agree that the best way to securely erase a drive is a single-pass overwrite of the whole drive, and Secure Erase does exactly that, from inside the drive's firmware. The very simple Write Zero method accomplishes pretty much the same thing from the operating system, albeit much more slowly.

Whatever cleaning method you use, deleting data ultimately comes down to writing other data on top of the previous data. This is true both when you securely delete a single file and when you wipe an entire hard drive or disk array.

If one overwrite is enough, why are there so many data cleaning methods?

Some researchers believe that there are, or may one day be, techniques for extracting information from hard drives by analysing the residual magnetization of the platters, which would allow data to be recovered even after every sector on the drive has been completely overwritten. So, independently of each other, various organizations developed their own standards intended to guarantee that recovery is impossible not only with existing techniques but also with any that may appear in the future. In plain terms, everyone is trying to make a name for themselves on a question that nobody can clearly see or settle.

What is an overwrite verification?

Most secure erase methods include a verification step: after writing, sectors are read back from the device to confirm that their contents really did change. Some data cleaning programs let you choose how often this is done: once at the very end of the process (after all passes have been completed), or after every pass.
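As an added example (not code from the original page), here is the Write Zero method from the previous section together with the read-back verification just described, implemented over an ordinary file so it can be tried safely on a disk image. Pointing it at a block device such as /dev/sdX would wipe that drive. The function names, the sector-sampling scheme and the constructed test data are this example's own choices.

```bash
#!/usr/bin/env bash
# Added example: single-pass Write Zero plus read-back verification.
# Works on any file or block device; use a disk image for safe testing.
set -eu

SECTOR=512

# Overwrite the whole target with zeros in one pass (the Write Zero method).
# DESTROYS the contents of "$1".
zero_fill() {
  local target="$1" size
  # for a Linux block device, blockdev --getsize64 "$target" is faster than wc
  size=$(wc -c < "$target")
  dd if=/dev/zero of="$target" bs="$SECTOR" count=$(( size / SECTOR )) \
     conv=notrunc 2>/dev/null
  sync   # make sure the zeros reach the media before reading them back
}

# Verification pass: read sectors back and confirm they really are zero.
# Checks every sector when "$2" >= sector count, otherwise samples evenly
# spaced sectors. Returns 0 if all sampled sectors are zero, 1 otherwise.
verify_zero_fill() {
  local target="$1" samples="${2:-64}"
  local size sectors step i
  size=$(wc -c < "$target")
  sectors=$(( size / SECTOR ))
  [ "$sectors" -gt 0 ] || return 2
  [ "$samples" -gt 0 ] || samples=1
  step=$(( sectors / samples ))
  [ "$step" -gt 0 ] || step=1
  i=0
  while [ "$i" -lt "$sectors" ]; do
    # od prints the sector as hex bytes; a zeroed sector has no non-zero digit
    if dd if="$target" bs="$SECTOR" skip="$i" count=1 2>/dev/null \
         | od -An -v -tx1 | grep -q '[1-9a-f]'; then
      echo "verification failed: sector $i is not zero" >&2
      return 1
    fi
    i=$(( i + step ))
  done
  return 0
}
```

Note what this can and cannot prove: the verification reads back only the LBAs the operating system can address, so reallocated sectors, an HPA/DCO region on an HDD, or the over-provisioned flash on an SSD are neither overwritten nor checked. That gap is the reason the drive-firmware Secure Erase described later is preferred over any OS-level overwrite.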

Secure Erase

Secure Erase is the name of a set of commands (SECURITY ERASE UNIT and its enhanced variant) implemented in the firmware of PATA and SATA hard drives. The Secure Erase commands are used as a data cleaning method to overwrite all data on the drive completely. It is the only method that runs inside the drive itself: the program tells the drive to "erase your data securely", and the drive's controller then carries out the erase.

Once a drive has been erased by a program that issues the Secure Erase commands, no file or partition recovery program will be able to extract data from it. The method works as follows:

Pass 1: the drive writes ones or zeros over every user-addressable sector. The enhanced variant of the command writes a vendor-specific pattern and also covers sectors that have been reallocated and are no longer reachable from the host.

No separate overwrite check is needed here, because the overwrite is driven by the drive's firmware. For the same reason Secure Erase is faster than other data cleaning methods, and arguably more thorough.

More about Secure Erase

Because Secure Erase only cleans an entire disk, it cannot be used to securely destroy individual files or folders; that is what so-called file shredders are for.

Using Secure Erase is often considered the best way to delete data from a hard drive because it works at such a low level. Neither the operating system nor the file system takes part in the process: the drive controller itself sequentially overwrites the entire drive, including areas the OS cannot normally address.

To issue the Secure Erase command you need a program that talks to the drive directly. One such program is HDDErase, developed by the Center for Magnetic Recording Research at the University of California, San Diego (https://cmrr.ucsd.edu/resources/secure-erase.html).

Not all hard drives and SSDs implement Secure Erase. Some file shredders and data cleaning programs use the words "Secure Erase" in their specifications, but unless they specifically state support for the drive-firmware command, they are probably using some other algorithm.

Using Secure Erase in a storage system

Most storage systems, including enterprise models and home NAS units from Huawei, QNAP, and Synology, support Secure Erase: select the drive you want to clean, start the disk wipe, and wait for the process to complete. Naturally, you must first remove the disk from its array.

Using Secure Erase on desktop computers and laptops

A secure disk erase function may be built into the UEFI firmware, which is the most convenient option. If it is not, here is a list of programs that use the Secure Erase method:

  • MHDD
  • CopyWipe
  • hdparm (Linux)
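As an added example (not code from the original page or from the hdparm project), here is the hdparm procedure on Linux with the pre-flight checks that usually trip people up: a drive "frozen" by the BIOS/UEFI, a drive that already has an ATA password set, or a drive that does not implement the command at all. The helper names, exit codes and the constructed `hdparm -I` fragments are this example's own; the hdparm options (`--security-set-pass`, `--security-erase`, `--security-erase-enhanced`, `--user-master u`) are the real ones.

```bash
#!/usr/bin/env bash
# Added example: ATA Secure Erase on Linux with hdparm (run as root).
set -eu

# Classify the ATA security state from the text of `hdparm -I <dev>`.
# Prints one of: unsupported | frozen | enabled | ready
ata_security_state() {
  local info="$1" sec
  # keep only the "Security:" section of the report
  sec=$(printf '%s\n' "$info" | sed -n '/^Security:/,$p')
  if ! printf '%s\n' "$sec" | grep -q 'SECURITY ERASE UNIT'; then
    echo unsupported; return 0
  fi
  # hdparm prints "<tab>not<tab>frozen" when clear and "<tab><tab>frozen" when set
  if printf '%s\n' "$sec" | grep -Eq '^[[:space:]]*frozen[[:space:]]*$'; then
    echo frozen; return 0
  fi
  if printf '%s\n' "$sec" | grep -Eq '^[[:space:]]*enabled[[:space:]]*$'; then
    echo enabled; return 0
  fi
  echo ready
}

# Issue the firmware erase. DESTROYS all data on "$1". Refuses to proceed
# unless the drive is in a state where the command can succeed.
ata_secure_erase() {
  local dev="$1" pass="${2:-p}" state
  state=$(ata_security_state "$(hdparm -I "$dev")")
  case "$state" in
    frozen)
      echo "$dev is frozen by the BIOS/UEFI: suspend/resume or hot-plug it, then retry" >&2
      return 2 ;;
    enabled)
      echo "$dev already has an ATA password set; unlock/disable it first" >&2
      return 3 ;;
    unsupported)
      echo "$dev does not implement SECURITY ERASE UNIT" >&2
      return 4 ;;
  esac
  # the erase command requires a user password to be set first
  hdparm --user-master u --security-set-pass "$pass" "$dev"
  # prefer the enhanced erase: it also covers reallocated sectors
  if hdparm -I "$dev" | grep -q 'supported: enhanced erase'; then
    hdparm --user-master u --security-erase-enhanced "$pass" "$dev"
  else
    hdparm --user-master u --security-erase "$pass" "$dev"
  fi
  # a completed erase clears the password; anything else means it did not finish
  [ "$(ata_security_state "$(hdparm -I "$dev")")" = ready ]
}

# Constructed fragments of the Security section of `hdparm -I` output (not
# captured from real drives), used to exercise the classifier offline.
SAMPLE_READY=$(printf 'Security:\n\tMaster password revision code = 65534\n\t\tsupported\n\tnot\tenabled\n\tnot\tlocked\n\tnot\tfrozen\n\tnot\texpired: security count\n\t\tsupported: enhanced erase\n\t2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.\n')
SAMPLE_FROZEN=$(printf 'Security:\n\t\tsupported\n\tnot\tenabled\n\tnot\tlocked\n\t\tfrozen\n\t2min for SECURITY ERASE UNIT.\n')
```

The final state check matters: if the erase is interrupted, the drive stays password-protected ("enabled") and will refuse normal access until it is unlocked with the same password, so always confirm the drive reports "not enabled" afterwards.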

Using Secure Erase on an SSD

Typically, when the Secure Erase command is sent to an SSD, the controller understands it and carries it out by issuing a Block Erase to every flash block, including those reserved for internal use, returning all of them to the "empty" state. Only the SMART data, the firmware and the bad-block table are left untouched. The drive returns to a like-new state and regains its factory write speed. Implementations do vary by vendor: some self-encrypting SSDs perform the command by discarding the media encryption key rather than erasing every block. On a typical SSD the command completes in a minute or two, versus several hours on an HDD.

Programs written to wipe hard disks with the Secure Erase method will also work with a SATA SSD; likewise, if a storage system has a fast disk wipe function, it will work with SATA SSDs. On personal computers it is better to use the SSD manufacturer's own utility:

  • Corsair SSD Toolbox
  • Samsung Magician
  • Intel Solid State Drive Toolbox
  • OCZ SSD Utility (now Toshiba)
  • SanDisk SSD Dashboard
  • Kingston SSD Toolbox
  • Micron SSD Management

Most SAS, NVMe and PCI Express SSDs are cleaned in a similar way using the Secure Erase, Format Unit or Sanitize command (for NVMe: Format NVM with a secure erase setting, or Sanitize). Incidentally, if power is lost during the erase, the drive will first finish the erase at the next power-on and only then report itself ready; for NVMe Sanitize this behaviour is required by the specification.
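As an added example (not code from the original page or from the nvme-cli project), here is the NVMe counterpart of the previous procedure: read the controller's Format NVM Attributes (the `fna` field of `nvme id-ctrl -H`), prefer a cryptographic erase when the controller reports it, and fall back to a user data erase otherwise. The helper names and the constructed `id-ctrl` fragments are this example's own; `nvme id-ctrl -H`, `nvme format` and its `--ses` option are the real nvme-cli interface.

```bash
#!/usr/bin/env bash
# Added example: choosing the NVMe Format secure-erase setting from the
# controller's capabilities (nvme-cli on Linux, run as root).
set -eu

# Return the Secure Erase Setting to pass to `nvme format`, based on the text
# of `nvme id-ctrl -H <dev>`: 2 = cryptographic erase when FNA bit 2 is set,
# otherwise 1 = user data erase. Exit status 2 if there is no fna field.
nvme_ses_for_ctrl() {
  local info="$1" fna
  # the field prints as "fna       : 0x4" (older nvme-cli prints decimal)
  fna=$(printf '%s\n' "$info" \
        | sed -n 's/^fna[[:space:]]*:[[:space:]]*\([0-9a-fA-Fx]*\).*/\1/p' | head -n1)
  [ -n "$fna" ] || { echo "no fna field in id-ctrl output" >&2; return 2; }
  # bash arithmetic accepts both 0x4 and 4
  if [ $(( (fna >> 2) & 1 )) -eq 1 ]; then echo 2; else echo 1; fi
}

# Erase a namespace inside the drive. DESTROYS all data on "$1"
# (a namespace block device such as /dev/nvme0n1).
nvme_secure_format() {
  local dev="$1" ses
  ses=$(nvme_ses_for_ctrl "$(nvme id-ctrl -H "$dev")")
  nvme format "$dev" --ses="$ses"
}

# Constructed id-ctrl fragments (not captured from real devices) for
# exercising the selector offline.
SAMPLE_CRYPTO=$(printf 'mn        : Example NVMe SSD\nfna       : 0x4\n  [2:2] : 0x1\tCrypto Erase Supported as part of Secure Erase\n')
SAMPLE_PLAIN=$(printf 'mn        : Example NVMe SSD\nfna       : 0\n')
```

Format NVM with a secure erase setting acts on the namespace's user data; when the controller's `sanicap` field reports Sanitize support, `nvme sanitize` is the stronger option because it covers the whole media, including areas outside any namespace, and is the operation that resumes by itself after a power loss.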

An alternative to the Secure Erase command is a simple format followed by a TRIM of the whole device. This is weaker, though: TRIM only tells the controller which blocks are no longer in use, the physical erase happens later during garbage collection at the controller's discretion, and nothing is guaranteed about reserved or over-provisioned cells. Treat it as a fallback for drives that do not implement Secure Erase.

SSD manufacturers strongly advise against using the multi-pass overwriting methods developed for hard disks. First, they increase wear on the drive; second, they do not reach the flash cells that are inaccessible to the operating system, including the over-provisioning area and retired (bad) blocks.

So: Secure Erase and the built-in HDD/SSD erase commands are a reliable, proven way to delete data such that neither a hacker nor a laboratory will recover it. Fear of the unknown is what drove people to invent multi-pass deletion methods.

Conclusions

Interestingly, the US Department of Defense and the NSA no longer accept software methods alone for sanitizing classified media and require physical destruction. The forms these agencies currently distribute state that storage media may be destroyed using shredders or disintegrators that reduce the media to particles of 2 mm or less, or incinerators operating at no less than 1600 °C.

Increasingly, companies are choosing always-on encryption as an alternative to data deletion: data is stored on the media only in encrypted form, and when it must be destroyed, the encryption key is simply deleted (a cryptographic erase). This is only as strong as the key management: the key must never have been copied anywhere else, and the drive must really discard it.