The Right Method for Data Erasure per Storage Medium – Data Sanitization
Matching the Method to the Device & Verification
Protecting sensitive electronic information requires more than just a strong data retention and protection plan—it demands a well-defined data erasure policy. As a global data recovery service provider, Ontrack witnesses daily the importance of properly destroying data. Our expertise in recovering seemingly lost data proves how much attention this process requires.
There are various methods to securely erase data, but the key is selecting the right approach based on the type of storage medium and sensitivity of the data. As technology rapidly evolves, certain advancements can make data destruction more challenging. SSDs, hybrid hard drives, and server storage devices continually change and evolve, necessitating specialized sanitization techniques. Similarly, external drives and mobile devices vary significantly between models and manufacturers, affecting the optimal method of data destruction.
Therefore, it is essential to match the erasure method to the specific device and verify the results.
How Do You Determine the Best Method for Your Storage Medium?
To address this, let's examine key industry standards that define data sanitization practices: DoD 5220.22-M, NIST 800-88, ISO/IEC 27040, and IEEE 2883-2022.
DoD 5220.22-M NISPOM
Starting in 1995, the DoD 5220.22-M was published to outline methods for for secure data destruction. Originally published by the U.S. Department of Defense (DoD) within the National Industrial Security Program Operating Manual (NISPOM), it included a Clearing and Sanitization Matrix outlining different sanitization techniques for various storage devices.
Following its 2021 revision, NISPOM transitioned into a U.S. federal regulation rather than a specific DoD policy. While the update removed explicit sanitization guidelines, the legacy of DoD 5220.22-M continues to influence industry practices.
NIST Special Publication 800-88 Revision 1
Published in 2014, NIST Special Publication 800-88 Revision 1: Guidelines for Media Sanitization provides systematic instructions for securely erasing electronic storage media. It is widely adopted in business environments due to its practical approach and emphasis on matching sanitization methods to storage technologies.
The Guidelines for Media Sanitization have become a global reference, influencing internationally recognized standards such as ISO/IEC 27040:2015.
IEEE 2883-2022
To address evolving data storage technologies, the Institute of Electrical and Electronics Engineers (IEEE) introduced IEEE 2883-2022, a standard specifically targeting logical and physical storage sanitization.
This standard provides technology-specific instructions for secure erasure, covering modern storage devices such as SATA, SCSI, and NVMe drives, which have gained widespread adoption. IEEE 2883-2022 is a vital resource for organizations seeking reliable data sanitization solutions.
How Is Data Removed?
Choosing the Right Erasure Method
Each type of storage device operates on different technologies, making it essential to apply the correct data destruction method. Selecting an improper technique can result in sensitive data remaining on the device, posing a significant security risk. Let's examine the best data erasure methods for various devices:
Traditional Magnetic Hard Drives (HDDs)
When a file is deleted from a traditional hard drive (non-SSD), the system simply marks it as "deleted," allowing data recovery until those sectors are overwritten. Contrary to popular belief, even physically damaged hard drives can still yield recoverable data.
Effective Erasure Methods:
- Certified wipe software – Overwrites data multiple times, ensuring complete removal from both accessible and inaccessible storage areas.
- Cryptographic erase (CE) – Self-encrypting drives (SEDs) use built-in encryption to rapidly erase data. However, erasing the encryption key alone may not be sufficient. Certified software ensures both the key and encrypted data are removed.
- Degaussing (demagnetization) – A strong magnetic field erases stored data. The effectiveness depends on field strength and exposure time.
- Shredding – Physical destruction of the drive ensures no data remains. Certified shredders meeting CA+ standards and DIN 66399 security classifications provide the highest level of protection.
- Incineration – Requires temperatures exceeding the Curie temperature (TC) to render data irretrievable.
SSDs, Flash Memory & Memory Cards
Wiping SSDs is more complex due to their unique architecture. Unlike HDDs, SSDs store data across varying physical locations, meaning traditional overwriting may not eliminate all traces.
Recommended Erasure Techniques:
- Certified software – Overwrites all storage areas multiple times.
- Shredding – Meets DIN 66399 destruction class E standards, ensuring complete chip fragmentation.
Backup Tapes
Tapes are widely used for long-term data storage, sometimes exceeding 30 years. However, when data retention expires, secure erasure is required.
Best Erasure Methods:
- Degaussing – Utilizes strong magnetic fields to wipe data.
- Incineration – Burning tapes ensures complete destruction.
Smartphones
Smartphone erasure depends on the brand, operating system, and provider, each offering varying levels of security.
iPhone (iOS)
- Cryptographic erase – Apple's built-in encryption allows fast, reliable wiping. However, manual verification of browser history, files, and photos is recommended.
- Certified software – Overwrites entire memory before reinstalling iOS.
- Shredding & incineration – Ensures full destruction.
Android
- Factory reset – Should apply eMMC Secure Erase or Secure Trim
- Encryption & cryptographic erase – Some Android devices support full data sanitization, but manufacturer verification is necessary.
- Shredding & incineration – Best for guaranteed erasure.
Servers, SAN, NAS & RAID Systems
Servers and networked storage systems may retain data due to middleware configurations. For full sanitization, each disk should be wiped individually.
Verification: Ensuring Secure Erasure
Verifying the erasure process is critical to maintaining data security and confidentiality. Certified sanitization methods provide fraud-proof reports, compliance certificates, and documentation to ensure complete data removal.
Conclusion
As storage technologies advance, the landscape of data sanitization continues to shift. Whether following DoD, NIST, ISO, or IEEE guidelines, ensuring the correct erasure method for each device type is critical. Proper verification ensures that sensitive data is securely removed, preventing unauthorized recovery.
Looking for the Right Data Destruction Method?
Contact us for expert guidance on:
Certified Data Destruction
Data Erasure | Ontrack
Secure Verification
or
Contact us
Great Britain | English
Locations
Search
Back to listing
