Hard Drive Sanitization — Not All Methods Are Equal
Simply put, destruction is final, whereas erasure is not.
In 2019, Blancco, an international data security company, released an article discussing various end-of-life data destruction methods and comparing drive destruction to data erasure. In the article, Blancco recommends weighing the level of impact certain end-of-life data can have in the case of a data breach combined with how quickly the data may age out. They then suggested basing the method of sanitization off that assessment.
In fact, there should never be an assessment of this nature when handling sensitive, confidential, or personally identifiable information (PII). It is always best practice to treat all end-of-life data as never aging out and having a potentially high level of harm if breached as both can be impossible to predetermine. There is no statute of limitations when it comes to data breach, meaning that an end-of-life drive can cause a breach years after it was discarded.
Another recommendation Blancco makes is opting for a third-party vendor to sanitize and destroy end-of-life data and devices. Even though Blancco suggests carefully researching and vetting the vendors to ensure they are properly destroying your devices, introducing a third party significantly increases the chain of custody and companies face a far higher risk of data breach every step of the way when opting for this route.
While there are some reputable data sanitization vendors out there, there have been numerous instances where ITAD vendors misused, mishandled, and misplaced drives when in transportation, and in the actual acts of destruction and disposal. There have even been reports of some vendors selling end-of-life devices and their sensitive information to online third parties. Security-focused organizations should avoid using ITADs altogether simply because the security risks can be unpredictable and potentially catastrophic. Instead, opt for in-house data sanitization using high-security destruction equipment and trusted personnel.
A common data destruction misconception is that erasing or overwriting a drive and degaussing are synonymous with one another. Unfortunately, that kind of thinking can quickly become dangerous depending on the kind of information you are looking to destroy. While methods such as cryptographic erasure and data erasure would allow the drive to be used again, as Blancco suggests, you run the high risk of leaving behind sensitive data which can become a gold mine for hackers and thieves. Conversely, degaussing scrambles data and leaves magnetic media completely inoperable, which should always be the goal.
While degaussing is not possible for the destruction of end-of-life data on solid state drives (SSDs), best practice dictates following NSA standards and degaussing all magnetic media, including hard disk drives (HDDs), prior to destruction. Once the device has been degaussed, it should be physically destroyed. The combination of degaussing and physical destruction for HDDs is without a doubt the most secure method of ensuring your end-of-life data stays at the end of its life. Not even the most skilled of hackers will be able to get any information off the drive, simply because there’s nothing left on it to hack!
Note: solid state drives (SSDs) and optical media cannot be degaussed so must be physically destroyed beyond recognition. The NSA recommends a 2mm final particle for SSDs and optical media.
Regardless of the catalyst for end-of-life drive destruction, it is always best practice to conduct sanitization in-house. It is also important to remember that a data breach is a data breach, no matter the level of impact. Using in-house destruction equipment with vetted personnel is the safest, most secure way to ensure your end-of-life data is actually at the end of its life.
Brought to you by: