What is Data Sanitization?
Data sanitization involves purposely, permanently deleting, or destroying data from a storage device, to ensure it cannot be recovered.
Ordinarily, when data is deleted from storage media, the media is not really erased and can be recovered by an attacker who gains access to the device. This raises serious concerns for security and data privacy. With sanitization, storage media is cleansed so there is no leftover data on the device, and no data can be recovered, even with advanced forensic tools.
The Need for Data Sanitization
As the useful lifetime and storage capacity of storage equipment continues to increase, IT assets often retain sensitive business data after they are decommissioned. These assets might include:
-
Disk drives on desktop and laptop computers
-
Flash media
-
Mobile devices
-
Dedicated storage equipment
Data Sanitization Standard
​As the useful lifetime and storage capacity of storage equipment continues to increase, IT assets often retain sensitive business data after they are decommissioned. These assets might include: Secure Deletion According to International Standards
-
VSITR
-
NCSC-TG-025
-
BSI-GSB
-
HMG IS (baseline|enhanced)
-
ACSI-33
-
The Schneier Method,
-
DoD 5200.28M,
-
GOST P50739-95
-
AFSSI 5020
-
RCMP TSSIT OPS-II
-
AR380-19
-
The Pfitzner Method,
-
DoD 5200.22M
-
The Gutmann Method
Areas of Applicatation
Areas of Application
-
Secure deletion
-
Simple & fast deletion prior to resale or transfer of ownership.
-
User-performed deletion when handling highly sensitive data.
-
Delete for clients in accordance with international standards.
-
Mass deletion of media simultaneously
-
IDE, ATA, SATA & eSATA hard disks & SSD‘s, CompactFlash.
-
USB drives, USB sticks, SCSI disks 6).
-
SD/SDHC/MMC, CompactFlash, xD, Memory Stick etc.
-
Firewire/IEEE1394 disks (internal & external)
-
Dynamic Disks, RAID, SAS and more
​