Data encryption is just one aspect of data security, and data security itself is part of a broader category: data management. What comes to mind when you hear the term “data management”? Do you think of security? Perhaps data governance or data archiving and backups? For many, end-of-life data and data erasure are key concerns.
Effective data management spans the entire lifecycle of data—from creation to disposal. But the critical question remains:
How to destroy your data, and can you be 100% certain it's securely and permanently sanitized and erased?
Corporate IT managers, CIOs, CISOs, ITAD/ITAMs, storage OEMs, and end-of-life data center managers worldwide grapple with this question regularly. Let's explore the different types of data erasure and how organizations can ensure their data is permanently destroyed at end of life.
Methods of Data Erasure
1. Physical Destruction
One of the fastest and most definitive ways to erase data is physical destruction of the data storage device. If reuse or resale of the storage device isn’t an option, physical destruction is a viable route—but not all methods are equally secure or auditable.
For traditional HDDs and magnetic tapes, a degausser is an effective and secure option. Degaussers generate a powerful magnetic field, disrupting the magnetic domains that store data, rendering the storage device unreadable.
For SSDs and flash memory devices, a shredder is the preferred approach. However, not all shredders are created equal—you’ll want one with a small enough particle size to guarantee complete destruction of the memory chips inside the storage device.
Key Considerations for Physical Destruction
- On-site vs. Shipping: On-site shredding can be more expensive but eliminates the security risks associated with transporting sensitive media. If shipping, ensure the data is encrypted before transit.
- Particle Size: For SSDs, shredding to sufficiently small particles ensures that data-bearing chips are fully destroyed.
While physical destruction is highly effective, it comes at a cost—not just for the shredding service but also for replacing the destroyed media. Organizations looking for reusable alternatives should consider software-based erasure methods. Using software to securely sanitize data at end of life also contributes to a more sustainable environment and helps to keep storage devices out of landfills.
2. Formatting
Formatting a drive via the operating system (OS) can erase all existing data—but only if done correctly.
For complete sanitization, users must select full format and ensure the OS overwrites all user data on the drive. Beware that some OS versions may not completely overwrite all user data even when the full format option is selected.
Rather, use specially created software for overwriting data carriers.
3. Overwriting
Think of erasing a pencil mark—you can scribble over it completely, making the original markings unreadable. The same principle applies to data overwriting.
By writing new data to the same storage blocks, previous information becomes irretrievable. Overwriting works well for HDDs, but for SSDs and flash media, data erasure software may struggle due to their complex storage architecture, potentially leaving user data blocks intact.
Key Considerations When Choosing Erasure Software
- Compatibility: Does the software support HDDs, SSDs, and mobile devices?
- Certification: Does it offer a certificate of erasure, proving compliance?
- Efficiency: Can it process large batches of drives quickly?
- On-Site Service: Some vendors offer on-site erasure, reducing risk and improving efficiency for high-volume data destruction needs.
4. Crypto Erase
Data encryption provides another method for secure erasure: crypto erase. This technique works on both self-encrypting drives (SEDs) and software-encrypted storage.
Here’s the process:
- Ensure the data is encrypted.
- Overwrite, delete, and create a new encryption key.
- The original encrypted blocks become inaccessible with a new encryption key and eventually get overwritten through regular use.
Crypto erase is fast and secure but requires a strong encryption setup before deletion.
Verification – Are You Really Secure?
Once your data is erased, how can you verify that it is truly gone? Similarly to backing up your data, it’s critical to test and verify your backups to ensure your data can be restored when needed. It’s also critical to test and verify your data is completely and securely erased at end of life.
For corporate IT and data security managers facing audits or regulatory compliance demands, having proof of successful erasure is critical. The worst-case scenario is discovering that supposedly erased company data has landed in unauthorized hands.
To ensure complete removal, organizations can utilize Erasure Verification Services, which provide independent validation that all data has been securely erased.
Secure Your Data with Ontrack
Ontrack offers a wide range of data erasure solutions, from certified erasure software and physical destruction devices and services to professional erasure verification software and services.
Certified Data Destruction
Data Erasure | Ontrack
Secure Verification
or
Contact us
United States | English
Locations
Search
Back to listing
