Hardware-based Disk Sanitization
From a hardware perspective, there are two basic disk sanitization methods, degaussing and destruction.
As stated earlier, the degaussing process involves the removal of data by exposing data storage bits present on the media surface to a magnetic field of sufficient strength to achieve coercion of the bit. There are a number of challenges to using a degausser, and not all degaussers are up to the task. If you are considering using a degausser, ensure that it's on the NSA Degausser Evaluated Products List (DEPL) [PDF link].
The DEPL specifies the model identification of current equipment units that were evaluated against and found to satisfy the requirements for erasure of magnetic storage devices that retain sensitive or classified data. Note also that the operator of the degausser must understand the capabilities of the device, and should be aware of what can and cannot be effectively and securely processed.
Degaussing is a destructive process and will create irreversible damage to hard drives since it also destroys the special servo control data on the drive, which is meant to be permanently embedded on the hard drive. Once the servo is damaged, the drive is unusable. If you plan to reuse the drive, don't degauss it.
When choosing a degausser, some other criteria to consider are:
* Cycle time--amount of time it takes to complete the erasure
* Heat generation--some degauggers will generate significant heat and need to be cooled down. If you need to degauss many drives, this downtime can be an issue.
* Wand or cavity style--Hand wands models are generally cheaper, but may lack certain power features. Cavity style degaussers enable you to place the entire unit into the degausser.
* Size--Do you want a smaller portable unit or a larger more powerful unit? Some of the more powerful models require wheels to move as they can weigh nearly 400 pounds.
The Fujitsu Mag EraSURE P3M and Garner Products HD-3W degaussers are two examples of many of the available brands. Note that it is imperative that the degausser is strong enough for the media, especially hard drives. As hard drives can be particularly challenging to get enough force to penetrate the heavy shielding and plating protecting the platters.
Physical Destruction
Given the low cost of hard drives combined with the huge amount of data stored on them, the simplest and most cost effective method of sanitization is to simply destroy the hard drive. Just as paper can be shredded, so can hard drives and other media. Video of hard drives being destroyed can be seen at the SSI web site. [See also shredding on a truck in Data Breaches Spark Hard-Drive Shredding Boom.]
Depending on the service used and the quantity to be destroyed, costs for external data destruction are roughly $15.00 per hard drive shredded, but go down to under $3.00 when done in bulk (over 500 drives).
What do you do if a company offers to destroy your hard drives for an unreasonably low price? Odds are that they are not in the media destruction business, but rather are a recycler. Choose a true destruction firm, not a recycler.
For those whose volume warrants in-house destruction, products such as the SEM Sledgehammer and Garner Products PD-4 destroys hard drives with tons of force causing catastrophic trauma to the hard drive chassis while destroying the internal platter.
On the upper end, the SEM Model 0301 Jackhammer is a high torque hard drive shredder that can shred up to 25 hard drives per minute. This is a serious device for organizations that have significant amount of hardware to destruct.
Secure Erase
The obvious choice for a hard drive purge would be a feature that one could use at the drives end of life point. While there is such a feature, known as Secure Erase (SE), it has not become ubiquitous for a number of reasons.
SE is an overwriting technology that uses a hard drive-based firmware process to overwrite the drive. SE is a drive command defined in the ANSI ATA and SCSI disk drive interface specifications.
On one side, SE is an excellent free utility, but has limitations relative to types of drives it works on, and requires some expertise over and above basic technician knowledge. SE is approved as a data purging method as per NIST 800-88.
In addition, hard drive manufactures appear to be reticent to advocate a technology that can destroy all of the data on their device. They don't want to receive calls from irate users demanding to know what happened to their data. Given that issue and the technical expertise required to initiate SE, it has not found widespread use.
Media destruction: In-house or outsourced?
Media and hard drive destruction, like other services, can be done in-house or outsourced. Which is the best way to go? Like every decision, the correct answer is the proverbial it depends.
The same issues that pertain to paper-based destruction apply to hard drives and other media. The difference though is that the data contained on one hard drive can be equal to an entire flatbed of hard copy. With that, if outsourced, the amount of trust needed is significantly greater.
There is no single answer to the in-house/outsource question. Every business has different needs that must be considered before a decision is made. Before considering using external service providers to process your end-of-life storage hardware, make sure that you consider the potential risks of handing off unprotected storage assets to a third party. A review of the handling practices and accreditations of the service provider should be conducted when evaluating service providers.