Erasing Hard Drives

People are increasingly aware of issues surrounding data privacy and security. An important facet of protecting personal, business, and client data is ensuring that data is completely wiped from hard disks when computers and hard drives change hands, are recycled, or are retired. Government agencies all over the world have strict standards for erasing data from hard drives. Some even require the demagnetization or physical destruction of a drive to protect important information.

A company’s computer hard drives contain proprietary information such as product designs, financial records, vendor lists, and internal e-mails. Home computers may not contain state secrets or blueprints for missile defense systems, but they do include private information (credit card numbers, tax information, bank passwords, social security numbers, even personal photos) that users don’t want falling into the wrong hands.

It’s possible (and sometimes easy) for someone to recover files if they’re not disposed of properly. The following sections describe various means of ensuring that data is properly deleted and permanently inaccessible.

Destruction

Complete destruction of the platters in a hard drive ensures that the data on the drive is no longer readable. No one will ever get to the information stored on a drive if it has been shredded into enough small pieces.

Some people advocate hammering a nail or drilling through a drive.  Such techniques may get the job done, but how safe and feasible are they?  And if you have more than a few drives to destroy, DIY destruction seems impractical since it involves deconstructing the drive enclosure and finding a way to reduce the disks to tiny, unrecoverable pieces.

You could outsource the job of destroying hard drives to a company that specializes in this service. Your drives will be shredded or crushed and then mixed with other waste, making data even harder to retrieve. When choosing a company to provide destruction services for hard drives, it is important to ask questions about its security standards and company policies. Such questions may include how job applicants are screened and whether or not security cameras are used.

Degaussing

Degaussing works when a magnetic object, such as a hard drive, comes in contact with a magnetic field of greater force. A degaussing machine provides this magnetic field. After being processed, the drive is left in a magnetically neutral, or blank, state.

Some degausser machines can leave hard drives in a like-new state, so that they can be re-used or disposed of securely. With other machines, degaussing drives renders them unusable.

Note that a degausser machine must provide enough magnetic power to surmount the drive’s magnetic field and therefore erase the data. If the degausser does not have sufficient power, then the degaussing process is useless.

Data Destruction Hardware and Software

If you plan to reuse or sell your hard drives after erasure, then this is the method to use.

When a drive is erased by hardware or software utilities, the utility sequentially overwrites all data on the drive.  The number of overwriting “passes” made over the data and the patterns can be selected by a user or a preset specification.
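The pass-and-pattern overwrite described above, followed by a read-back check, as an added example that is not taken from any erasing product. It works on a constructed image file rather than a real device, and the three patterns are an arbitrary illustration, not any agency's specification.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # I/O size per write; patterns are tiled to fill it

def _tile(pattern):
    # A whole number of pattern repeats, so the phase never drifts between chunks.
    return pattern * max(1, CHUNK // len(pattern))

def overwrite_pass(path, pattern):
    """One pass: overwrite every byte of the image with the repeating pattern."""
    size, block, done = os.path.getsize(path), _tile(pattern), 0
    with open(path, "r+b") as f:
        while done < size:
            done += f.write(block[:size - done])
        f.flush()
        os.fsync(f.fileno())  # force this pass to storage before the next starts
    return done

def first_mismatch(path, pattern):
    """Read-back check: offset of the first byte that is not the pattern, or None."""
    block, offset = _tile(pattern), 0
    with open(path, "rb") as f:
        while data := f.read(len(block)):
            if data != block[:len(data)]:
                return offset + next(i for i, b in enumerate(data) if b != block[i])
            offset += len(data)
    return None

def erase(path, patterns):
    """Run one pass per pattern, then verify the last pass reached every byte."""
    for pattern in patterns:
        overwrite_pass(path, pattern)
    return first_mismatch(path, patterns[-1])

def make_sample_image(size=2 * CHUNK + 517):
    """Constructed stand-in for a drive: a temp file filled with fake records."""
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write((b"CONSTRUCTED-RECORD-0001;" * (size // 24 + 1))[:size])
    return path

if __name__ == "__main__":
    img = make_sample_image()
    print("first mismatch after 3 passes:", erase(img, [b"\x55", b"\xaa", b"\x00"]))
    os.remove(img)
```

A result of None means the final pattern was read back from every byte; any offset returned marks a region the last pass did not reach.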

One such specification is called Secure Erase. Secure Erase is a set of built-in commands in the firmware of many modern hard drives (greater than 15 GB and manufactured in 2001 or later). This feature is activated by a low-level command to the drive and causes the drive to erase itself using methods developed by the drive manufacturers in conjunction with the NSA. To protect against malware attacks, operating systems such as Windows and Mac OS (and software applications written for these operating systems) cannot send this command, but disk erasing utilities can.

Secure Erase sequentially overwrites the data on the drive, similar to other erase modes. However, Secure Erase better handles data on “bad blocks” (a single-pass overwrite may stop and report an error at a bad block).

Various agencies and organizations each have different specifications for the number of passes required and patterns used for the erasure of hard drive data.  The WiebeTech Drive eRazer™ Ultra from CRU comes with 12 specifications preset, including Secure Erase, a user-selectable option, and several standards used by government agencies.

Mode              Explanation
QUICK ERASE       Performs single pass writing all zeroes
CUSTOM ERASE      Performs 1 to 99 passes (user-selectable), overwriting with zeroes or a user-selected pattern
SECURE ERASE N    Initiates the drive’s built-in Secure Erase (Normal) function
SECURE ERASE E    Initiates the drive’s built-in Secure Erase (Enhanced) function
DOD CLEAR         US Department of Defense “Clear” standard
DOD SANITIZE      US Department of Defense “Sanitize” standard
NIST80088 CLEAR   “Clear” standard defined by NIST special publication 800-88
NIST80088 PURGE   “Purge” standard defined by NIST special publication 800-88
CSEC ITSG-06      Canadian data sanitization standard
HMGIS5 BASELINE   Great Britain’s “Baseline” drive erasure standard
HMGIS5 ENHANCED   Great Britain’s “Enhanced” drive erasure standard
DSD ISM 6.2.92    Australian government’s data sanitization standard

There are a number of things to note as you determine how to best erase your drive. These include the handling of host protected areas (HPAs) and device configuration overlays (DCOs) and the erasure of Solid State Drives.

HPAs and DCOs are reserved areas on a hard drive that are not accessible by the BIOS or OS. Data can be hidden behind an HPA or DCO. The “Enhanced” form of Secure Erase erases HPA and DCO information.
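A pre-erase check for the HPA case described above, as an added example that is not part of the original article. It assumes the drive is inspected with the Linux hdparm utility and parses constructed sample text laid out like the output of `hdparm -N` and the Security section of `hdparm -I`; it does not cover DCOs.

```python
import re

# Constructed samples laid out like `hdparm -N` output and the Security
# section of `hdparm -I`; the device name and sector counts are made up.
SAMPLE_N = "/dev/sdX:\n max sectors   = 976642000/976773168, HPA is enabled\n"
SAMPLE_I = (
    "Security:\n"
    "\tMaster password revision code = 65534\n"
    "\t\tsupported\n"
    "\tnot\tenabled\n"
    "\tnot\tlocked\n"
    "\t\tfrozen\n"
    "\tnot\texpired: security count\n"
    "\t\tsupported: enhanced erase\n"
)
FLAG = re.compile(
    r"\s*(not)?\s*(supported: enhanced erase|supported|enabled|locked|frozen)\s*$")

def hidden_sectors(hdparm_n):
    """Sectors between the visible limit and the native size (the HPA)."""
    m = re.search(r"max sectors\s*=\s*(\d+)/(\d+)", hdparm_n)
    if not m:
        raise ValueError("no 'max sectors' line in input")
    visible, native = map(int, m.groups())
    return native - visible

def security_flags(hdparm_i):
    """Map each ATA security state to True/False (a 'not' prefix means False)."""
    flags = {}
    for line in hdparm_i.splitlines():
        if m := FLAG.match(line):
            flags[m.group(2)] = m.group(1) is None
    return flags

def pre_erase_findings(hdparm_n, hdparm_i):
    """List the conditions that would leave data behind or block Secure Erase."""
    flags, hidden, findings = security_flags(hdparm_i), hidden_sectors(hdparm_n), []
    if hidden:
        findings.append(f"hpa: {hidden} sectors lie outside the visible range")
    if not flags.get("supported"):
        findings.append("unsupported: no ATA security feature set reported")
    if flags.get("frozen"):
        findings.append("frozen: drive rejects security commands until unfrozen")
    if hidden and not flags.get("supported: enhanced erase"):
        findings.append("no-enhanced: Enhanced Secure Erase not offered")
    return findings
```

An empty list means the sampled output shows no hidden area and nothing blocking the drive's built-in erase; an `hpa` finding means a plain overwrite of the visible sectors would leave that many sectors untouched.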

With Solid State Drives, the disk erasing utility does not have direct access to the sectors on the drive. There is therefore no way to guarantee that a command to erase a given sector will actually erase that sector. The SSD’s controller may instead remap that physical sector to a new logical sector, leaving the data intact but inaccessible. Even a full overwrite of an SSD may therefore not result in a fully wiped drive. However, the data remaining on the drive would not be accessible via normal means. Recovering such data would require removing the actual flash chips from the SSD’s circuit board and accessing them with special equipment and software tools.

Secure Erase modes offer the best chance of fully erasing an SSD because they use the drive’s built-in erasing function. Secure Erase is defined by the ATA specification and requires drives to fully erase all user-accessible data areas when the command is received.