Secure Erase for Hard Disk Sanitization Rediscovered!

The computer industry learned long ago that, without standards that all manufacturers adhere to, the market would be so limited that it may not even be viable.  Witness the giant IBM.  When it saw its hold over the architecture behind the PC weakening, it developed Microchannel Architecture.  Microchannel promised better graphics, faster performance, and other good things, but was tightly controlled by IBM.  In the meantime, a ‘cloning’ industry developed, building on the PC standards and extending it to improve performance, compatibility, and providing an open platform for developers to continually improve their products.

Ultimately, Microchannel failed, not in small part to the control it exerted over everything Microchannel, and the strong growth of the alternate open architecture.  Apple played a similar game, and they played it well, but their support of USB (enabling developers to develop peripherals), their willingness to allow software developers to create applications that ran on their equipment, and their move to the Intel CPU and a PC-like architecture, combined with the company’s own creative vision and its ability to develop unique, creative products that continue to set it apart from the PC have allowed Apple to build market share.

On the hard disk side, the industry quickly learned that, in this business where drive makers operate with razor thin margins, it made sense to establish and maintain standards that would enable the developers to cut manufacturing costs while also adding features.  PCs originally had a slow, clunky format that required a separate controller card for each two drives, and required that the disc geometries be specified before the drive could be used.  It was a pain.

MFM was supplanted by RLL, until Tandon Computer developed IDE (Intelligent Drive Electronics), which put most of the electronic controls on the hard drive and required minimal electronics on the motherboard.  Western Digital bought the technology from Tandon, a consortium of drive makers contributed to further refining the specification, and IDE was made available to all drive manufacturers.  Drive makers liked it – they didn’t have to reinvent the wheel to make their drives work because the IDE wheel had already been created, and computer makers loved it because it only cost a few dollars to make drives work on their computers.

IDE, now known as PATA (Parallel ATA), used what may now be seen as a somewhat peculiar Master/Slave/Cable Select method for identifying which drive was connected to it; it also limited the number of devices that could be connected (most motherboards supported four devices – two masters and two slaves on two IDE connections, and to add more, an internal card was needed).    The limits made it difficult to make the drives even more capable.

SATA (Serial ATA) was developed to support faster, larger hard drives.  It established an easy –to-connect method for attaching drives, and enables each connected device to operate as a ‘Master.’  This made such things as RAID easy to configure because each drive can be more easily and individually controlled.  It reduced the heat inside the computer by enabling better airflow because SATA cables didn’t restrict airflow like the big PATA cables do.

While PATA and SATA were being developed, the drive makers worked on developing capabilities that would make their drives work better and be easier to manage.  S.M.A.R.T (Self-Monitoring,    Analysis and Reporting Technology) was developed, in part, to enable the computer user to get early warning of problems with hard drives in the user’s system, but in large part to reduce the number of ‘bad’ drives that were returned to the manufacturer that weren’t really ‘bad.’  S.M.A.R.T, if enabled on a user’s computer, could be used to report a drive’s actual status.  So, when a customer calls a drive maker to request tech support, the support person can instruct the customer on how to get a S.M.A.R.T. report – based on this information, it could be determined whether the problem was a bad drive or user error.

But, while drive makers were developing S.M.A.R.T., they were also developing ‘secret’ code instructions that could be used to tell a drive to perform certain actions.  For example, during drive manufacture, a set of instructions could tell electronics on the drive controller to perform a low level format.  Instructions were developed, and coded into the drive controllers that could do many things that enabled manufacturers to have their drives perform automated, pre-programmed, tasks.  S.M.A.R.T. is just one of the tasks that is performed by drive electronics.  When the instruction set was written, developers embedded the ability to do many things (like the automated low level format) automatically, in order to simplify the drive maker’s manufacturing and testing capabilities, and to enable the user to have the drive do certain ‘other’ things (like S.M.A.R.T.).

Although there were dozens (or more)  standardized capabilities built onto each drive controller that adhered to the specification, only the ones the manufacturers needed the most were put into use – although there were gems that went undiscovered, just sitting in code on the chip, until somebody would come along and use them.

Aleratec rediscovered one of these miracle capabilities – Secure Erase Sanitization. This capability was often unrecognized and unused until now.  There are probably many reasons why it was hidden for so long:  for one, not many people thought much about sanitizing their drives; for another, drives keep getting larger and larger so more and more data is at risk each time a drive is discarded; and, for another, more drives make their way into devices like digital fax machines and digital copiers, leaving digital records of confidential information, ripe for the taking.  Finally, the capability was probably largely forgotten.

When an organization removes a hard drive from service – either by pulling a computer out of commission, or replacing a drive with a larger one, or selling off old digital copiers and fax machines, or whatever, if it makes the drive or device into which it’s embedded available outside the organization, that drive should be sanitized before releasing it.  If not sanitized, it’s possible that anyone who acquires the drive could, conceivably, extract data from the drive.   Even if you’re moving a drive from one computer to another, or reassigning a computer from one user to another, it’s a good idea to do a hard drive wipe and THEN install to operating system and other necessary files, in order to be certain that no private data is seen by unauthorized eyes.

Reformatting the drive isn’t adequate – a reformat simply scrambles the map to the data.  Software can bring the files back.  (Way back in the 1980s, Peter Norton’s Undelete did just that – recover data by rebuilding the map)  For these reasons, organizations such as the Department of Defense (DoD) and the National Institute of Standards and Technology (NIST) have recommended procedures for sanitizing drives.

Aleratec has provided overwrite sanitization capabilities in all of its tower hard disk drive duplicators.  The sanitization feature is simple – select Overwrite from the duplicator’s menu, select the method and the duplicator will automatically perform the disk wipe, using overwrites, one of which meets DoD standards.

Aleratec’s Tower Hard Drive Duplicators now implement Secure Erase Sanitization as well, instructing the drive controller to automatically sanitize the drive.  The result is faster sanitization than was previously available, because the logic in the drive controller handles the sanitization process.  It is also a NIST 800-88 accepted method of purging hard disk drives.

If your organization or business has a lot of drives that it now realizes it must sanitize, the Aleratec Tower Hard Disk Duplicators can save a great amount of time, while also protecting you from the risk of data getting into the wrong hands.

While discovery of Secure Erase Sanitization built onto most drive controllers may not be quite as significant as a hidden switch that enables a car to run on water, it’s a very significant discovery for businesses and organizations that want effective drive sanitization as quickly as possible.  And it’s available, now, from Aleratec.

Mark Brownstein is a technology journalist and technology consultant who specializes in explaining and interpreting new technologies, and clarifying how to integrate these new products into current systems. He has been Editor-In-Chief at computer technology and networking publications, has held significant editorial positions at major technology magazines, and is a frequent contributor to various technology magazines. He has written seven books. He is Microsoft Certified, and spends much of his time testing hardware and software products, running his own networks, and learning the best ways to get computer systems running and to keep them running.

Tagged with: , , , , , , ,
Posted in Hard Drive

Leave a Reply

Your email address will not be published. Required fields are marked *