There are several data erasure and data wiping standards for the secure removal of sensitive information from PC, Mac and Linux hard drives, removable media, SANs, NAS’ and other storage devices. Standards for these procedures are set by government agencies and private institutes around the globe. Below is the data wiping and erasure standards list, have a little read though then decide which one is the best fit for your company.
Realistically, most businesses only need to comply with the ‘Aperiodic random overwrite/Random’ to protect PII (Personally Identifiable Information) for their GDPR requirements. This will prevent anyone from normally recovering that data. This is with the exception of Governments! 😉 They can use magnetic residence trace techniques on old school hard drives to recover data that has been written over many times. However the more times you write over it the harder and longer it takes, especially if it was encrypted in the first place.
Standard Name | # of Passes | Description |
Aperiodic random overwrite/Random | 1 | This procedure overwrites data with a random, instead of linear, pattern. Each sector of the drive will contain different data. This process is completed by verification. |
BSI-GS | 1 | Defined by the German Federal Office for Information Security, this procedure begins by removing hidden drives (HPA/ DCO if existing) and overwriting with aperiodic random data. The next step triggers a firmware based command dependent on the type of drive. This procedure is completed by verification. |
HMG Infosec Standard 5, Lower Standard | 1 | Used by the British Government, this 1-pass overwrite procedure consists of first writing a zero and then a random character and repeating. This procedure is completed by verification. |
NIST 800-88 Clear | 1 | The National Institute of Standards and Technology Clear requires the removal of hidden drives (HPA/DCO, if existing). This procedure is completed by verification. |
NIST 800-88 Purge | 1 | This method requires the removal of hidden drives (HPA/DCO, if existing). A firmware based command is triggered depending on the type of drive, this procedure is completed by verification. |
Air Force System Security Instruction 5020 | 2 | Originally defined by the United States Air Force, this 2-pass overwrite procedure is completed by verification. |
BSI-GSE | 2 | The BSI-GSE adds one additional progression to the BSI-GS. After the first overwrite, an extra overwrite with aperiodic arbitrary information is included before moving to the last two stages. |
CESG CPA – Higher Level | 3 | The UK government’s National Technical Authority for Information Assurance standard is a 3-pass process with a confirmation after each progression. |
HMG Infosec Standard 5, Higher Standard | 3 | Used by the British Government, this 3-pass overwrite adds one additional write procedure. Like the baseline standard, this procedure is completed by verification. |
National Computer Security Center (NCSC-TG-025) | 3 | Defined by the US National Security Agency, this 3-pass procedure includes a verification after each pass of 0s, 1s and a random character. |
Navy Staff Office Publication (NAVSO P-5239-26) | 3 | Published by the US Navy, this 3-pass system uses a specified character (and its complement) and a random character. This procedure is completed by verification. |
NSA 130-1 | 3 | Defined by the National Security Agency, this method uses a 3-pass overwrite procedure: writes a random character, writes another random character and writes a known value. This procedure is completed by verification. |
OPNAVINST 5239.1A | 3 | Defined by the US Navy, this method uses a 3-pass overwrite—the first a random byte and static overwrite for the last two. This procedure is completed by verification. |
BSI-2011-VS | 4 | This 4-pass procedure is the original BSI standard defined by the German Federal Office of Information Security. |
DoD 5220.22-M ECE | 7 | This method is an extended (7-pass) version of the DoD 5220.22-M. It runs the DoD 5220.22-M twice, with an extra pass (DoD 5220.22-M (C) Standard) in between. |
Cryptographic Erasure (Crypto Erase) | not applicable | This method uses the native command to call a cryptographic erasure, which erases the encryption key. While the encrypted data remains on the storage device itself, it is effectively impossible to decrypt, rendering the data unrecoverable. Because this method uses the native commands as defined by the manufacturer, it is only available if supported by the drive being erased. |