NIST Releases New Hard Drive Wiping Protocols

The National Institute of Standards and Technology (NIST) has released a series of new protocols. These guidelines are highly relevant to the hard drive data wiping techniques used by agencies. The directives take into account the fast-paced advance of technology, which has produced more advanced media for data storage.

In modern times, more and more electronic devices come with self-encrypting drives and Solid State Drives. These devices are essentially flash memory-based storage devices. The most common data sanitization processes that agencies use are no longer effective in erasing the information stored in such disks. That’s because overwriting and degaussing do not work on flash memory devices.

Further, revolutionary magnetic media include technology with a higher magnetic force that typical degaussing devices cannot erase, simply because existing degaussers do not have sufficient force to erase the stronger magnetic fields of the drives.

NIST Recommendations

NIST stresses that the traditional 3-pass and 7-pass overwriting protocols for erasing hard drive data only use “1” and “0” characters to make information illegible. But these read and write methods do not target active areas of the hard drive such as defect areas and unused space. Solid State Drives (SSDs) may come over-provisioned or contain extra-large storage space. Thus, existing overwriting methods are not effective in properly sanitizing such hard disks.

NIST recommends the use of Cryptographic Erase (CE) protocols for effective hard drive data wiping. The organization describes the method as effective for data that is encrypted during the storage process. CE works by erasing the cryptographic key that was originally used to encrypt the information.

CE could prove to be a far more effective approach than traditional degaussing and overwriting methods. However, it presents challenges, such as verifying that the wiping procedure was effective. With further refinement, users might find in the near future that CE is the preferred option for data sanitization.
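The contrast between overwriting and CE described above can be seen in a small Python model, added here as an illustration and not taken from NIST or from the original article. The `ToySED` class, its block layout and the SHA-256 keystream are assumptions standing in for a real drive controller and its hardware encryption engine.

```python
import hashlib
import secrets

BLOCK = 32  # bytes per block in this toy model

def xor_cipher(key, phys, data):
    """Stand-in cipher (SHA-256 keystream); a real drive uses a hardware AES engine."""
    pad = hashlib.sha256(key + phys.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

class ToySED:
    """Hypothetical self-encrypting flash drive with over-provisioned spare blocks."""
    def __init__(self, logical=4, spare=2):
        self.key = secrets.token_bytes(32)                # media encryption key
        self.logical = logical
        self.flash = [bytes(BLOCK)] * (logical + spare)   # raw cells hold ciphertext
        self.map = list(range(logical))                   # LBA -> physical block
        self.spares = list(range(logical, logical + spare))

    def write(self, lba, data):
        phys = self.map[lba]
        self.flash[phys] = xor_cipher(self.key, phys, data.ljust(BLOCK, b"\0"))

    def retire(self, lba):
        # The controller remaps a failing block to a spare. The old cell keeps
        # its contents and is no longer reachable through any logical address.
        old, new = self.map[lba], self.spares.pop(0)
        plain = xor_cipher(self.key, old, self.flash[old])
        self.flash[new] = xor_cipher(self.key, new, plain)
        self.map[lba] = new

    def crypto_erase(self):
        # CE: discard the key and generate a new one; no cell is rewritten.
        self.key = secrets.token_bytes(32)

def residual_blocks(drive, secret):
    """Physical blocks that still decrypt to `secret` under the drive's current key."""
    want = secret.ljust(BLOCK, b"\0")
    return [p for p, cell in enumerate(drive.flash)
            if xor_cipher(drive.key, p, cell) == want]

def demo():
    secret = b"constructed sample record"     # constructed sample data
    drive = ToySED()
    drive.write(0, secret)
    drive.retire(0)                           # block 0 becomes a defect area
    after_remap = residual_blocks(drive, secret)
    for pattern in (b"\x00", b"\xff", b"\x00"):   # 3-pass overwrite of every LBA
        for lba in range(drive.logical):
            drive.write(lba, pattern * BLOCK)
    after_overwrite = residual_blocks(drive, secret)
    drive.crypto_erase()
    return after_remap, after_overwrite, residual_blocks(drive, secret)
```

`demo()` returns the blocks still holding the record after the remap, after the 3-pass overwrite, and after CE: the retired block survives every overwrite pass and only becomes unreadable once the key is replaced.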
