Part 1: Choosing the Right Hard Disk Drive Sanitizer
by Perry Solomon
We’re a society that loves to accumulate records. We store copious amounts of data on computer hard drives, CDs and DVDs, and have filing cabinets stuffed with bank statements, social security numbers, tax records and other confidential information. Whether this information is stored digitally or on paper, at some point it needs to be erased or destroyed. In Part 1 of our two-part series on better document destruction, we’ll discuss one of the most critical steps any organization can take to protect themselves from financial fraud—wiping computer hard drives. We’ll discuss why hard drives need to be sanitized, how hard disk drive sanitization works, and what technologies and products are available.
Why Sanitizing Hard Drives Is Essential
While most people understand the necessity of shredding paper documents before throwing them out, many are still unaware of the need to properly sanitize computer hard drives. Deleting a file on your computer hard drive typically erases the metadata, or the summary of that file (i.e., file size, author, date created, etc). Without these “clues,” the file can be harder to locate, but far from impossible, and can be easily recovered with common software programs. If a hard drive (whether installed on a computer or used externally), is not properly wiped clean, confidential information such as passwords and financial data can be uncovered by someone motivated enough to find it. In addition, numerous regulations such as Sarbanes-Oxley (SOX) and the Gramm-Leach-Bliley Act (GLB) hold many businesses and organizations accountable for disposing of confidential information properly.
How Does HDD Sanitization Work?
Sanitization software programs typically use an overwrite technique or “write algorithms” that literally write meaningless data over every sector of the hard drive. The number of times the sector is overwritten is called a pass. Some algorithms overwrite every sector one time (1-pass), three times (3-pass) or numerous passes, such as Aleratec’s DoD 7-pass overwrite that writes over every sector seven times. There’s been debate among experts on how many “writes” are needed to completely wipe data; however, research that suggests variance on the coverage of a write onto the magnetic surface of a hard disk drive. In other words, one write may not completely cover the previous data and there might be recoverable remnants. When choosing a sanitization method, pay close attention to the number of passes so that you can match the level of security with your needs.
What Methods Can I Use to Sanitize Hard Drives?
Sanitization software isn’t typically included on computers; however, you can download or buy software. These programs can be highly effective but have limitations when multiple hard drives need to be wiped. Another option is to purchase a hard disk drive duplicator that includes sanitization. Hard disk drive duplicators/sanitizers are stand-alone devices that do not require a computer to operate and can wipe numerous hard disk drives at a time. For example, Aleratec’s 1:11 HDD Copy Cruiser High-Speed Duplicator can clone up to 11 hard disk drives simultaneously and wipe data from up to 25 hard disk drives at a time.
What Is Secure Erase?
Secure Erase is another method of sanitization that is considered highly effective by IT and security professionals. Secure Erase makes use of the hard drive’s own built-in utility for purging the data completely and is classified as “purge technology” by the US Guidelines for Media Sanitization in the National Institute for Standards and Technology’s Special Publication 800-88. Most Aleratec HDD duplicators and sanitizers allow users to choose sanitization options including Secure Erase, 1-pass, 3-pass, 3-pass with verify, DoD 7-pass.
Verify that the Product Does What It Says It Does
Whether you choose software or a stand-alone hard disk drive duplicator/sanitizer, one way to confirm that the product does what it claims is third party verification. Aleratec third party verification means that experts in forensic data recovery have tested hard drives sanitized by the product and verified that all data was permanently destroyed and met the NIST 800-88 standard. NIST 800-88 is a U.S. Department of Defense standard for determining how data should be erased on hard drives. Many of Aleratec hard disk duplicators/sanitizers offer Certified Sanitization (7-pass overwrite), our label for third party verified products.
Never Underestimate the Risk
Today’s savvy thieves will go to great lengths to steal confidential information, so always be on guard. Make sure your employees understand the risks and train them on proper hard disk drive sanitization. Identity theft, fraud and regulatory non-compliance cost companies and individuals billions of dollars annually. Protect yourself or your company by choosing sanitization products that properly erase, destroy, and otherwise obliterate records stored on hard drives.
If you’re considering a hard disk drive duplicator, check out Aleratec’s Hard Disk Duplicator Buyer’s Guide.