NIST media sanitization guidelines provide a simplified framework of how to erase data from storage devices. The principles fall under the categories of clear, purge, and destroy. The government developed these guidelines and media sanitization software companies widely adopt them to sanitize media while protecting sensitive information from leaking to unauthorized parties.
With today’s sophisticated access controls and encryption mechanisms, the likelihood that unauthorized third parties can gain direct access to sensitive information has been severely reduced. So for hackers, cybercriminals, or identity thieves looking to acquire valuable data, the best alternative is to attempt to retrieve residual information on storage media that have left an organization without being properly treated to render anything remaining on them unusable.
This information may be on paper, optical, electronic, or magnetic media — and to protect it from these data retrieval attempts, it and the storage devices holding it must be sanitized.
According to the National Institute for Standards and Technology (NIST), media sanitization means “a process that renders access to target data on the media infeasible for a given level of effort.” More specifically, these are media sanitization methods that irreversibly remove data from storage media or permanently destroy the storage medium. NIST 800 88 media sanitization principles specify three categories of data destruction: clear, purge, and destroy, whereas NIST 800 53 media sanitization recommends companies assign two or more individuals to oversee the sanitization process. This requirement reduces cases of errors and ensures the sanitization process is done as intended.
Devices compatible with media sanitization NIST categories include Solid-State Drives (SSDs), hard drives with magnetic disks, flash memory devices, old-school floppy disks, magnetic tape drives, CDs, and DVDs. The common standard applied in media sanitization software is the DoD media sanitization method, which erases data by overwriting hard disk drives and solid-state drives in three passes while verifying each pass to ensure data is destroyed effectively.
Different forms of storage device require different methods of sanitization. Still, all have one thing in common: Once a device has been properly sanitized, there shouldn’t be any residue of usable data on it, and even advanced forensic tools should be unable to recover any information from the storage medium.
Information protection is a top priority in today’s economy, whether intellectual property, customer records, financial data, sensitive personal details, or electronic health data. Unfortunately, these information commodities are a valuable target for hackers and saboteurs, and any leakage or disclosure of them can have severe consequences for the individuals or organizations involved. Lost revenue, lost public trust, damage to reputations and brand images, or the legal and financial penalties of regulatory compliance breaches are just some of the possible results of information falling into the wrong hands.
When an organization is retiring old hardware and infrastructure, they may choose to dispose of equipment and storage media by charitable donation, internal or external transfers within the enterprise, or by recycling in accordance with relevant laws and guidelines. However, regardless of its final destination, the equipment must be reduced to a state where it’s impossible to reconstruct any residual information on its storage media.
Even in the course of normal business, media sanitization is a necessity. For example, organizations routinely have to archive or destroy backup data once its expiration date has passed, following corporate data retention policies and any conditions imposed by industry regulations or regulatory compliance frameworks.
Sanitization also factors into cloud or off-site data storage scenarios. For example, if you routinely back up data to an off-premises data centre or cloud service, when that information becomes due for expiration, responsibility for sanitizing the storage media rests with your remote IT managers or the cloud storage vendor. And you’ll need to take extra precautions to ensure that this information has indeed been scrubbed and that all media sanitization procedures have been properly documented.
The National Institute of Standards and Technology or NIST Special Publication 800-88 Revision 1, Guidelines for Media Sanitization, gives detailed guidelines for data sanitization and how to sanitize a hard drive. These recommendations are based on the various ways in which organizations categorize information for data confidentiality and are in line with another widely used NIST standard, SP 800-53, Recommended Security Controls for Federal Information Systems and Organizations.
Several techniques are commonly used for secure hard drive disposal, hard drive destruction, and the proper sanitization of electronic storage media. They include:
Described under NIST 800-88 as “Clearing,” this technique goes beyond simple data sanitization to provide a level of media sanitization that protects the confidentiality of information against robust keyboard attacks from standard input devices and from data scavenging tools. Clearing must also prevent information from being retrieved by data, disk, or file recovery utilities.
An acceptable clearing method is overwriting, which is typically accomplished using data wiping software. In a standard implementation, the overwriting utility writes the same information (e.g., ones and zeros, or a specific set of characters) throughout the storage medium.
Another technique prescribed under NIST 800-88, purging protects the confidentiality of information against laboratory attacks involving advanced non-standard data recovery techniques on storage media outside of their normal operating environment. Such attacks typically enlist the services of specially trained personnel using signal processing equipment.
For Advanced Technology Attachment (ATA) disk drives with a capacity of over 15 GB and manufactured after 2001, the official distinction between clearing and purging has become blurred. Under the NIST guidelines, an acceptable purging technique for these drives is to execute the firmware Secure Erase command, then perform a degaussing operation as described below.
This is an electromagnetic sanitization process performed by sanitization tools called degaussers that incorporate powerful magnets to sanitize a USB flash drive (hard drive sanitization). The application of an electromagnetic field by this device effectively destroys the magnetic field of a disk or drive, rendering it unusable. With some devices, it may be possible for the manufacturer to reformat the drive, so to dispose of hard drives securely, this method is often used prior to physical destruction.
Strong encryption algorithms are routinely employed to prevent unauthorized access to data during the service life of IT equipment. However, this technique can also make it impossible to gain access to data on a storage device when it’s retired. The trick is to use a robust encryption algorithm on the data, then destroy the encryption key, effectively rendering the information on the drive unrecoverable.
For all applications, actual physical destruction of storage media is the safest and most secure method of media sanitization. However, choosing the best way to destroy a hard drive or other storage medium depends on the device’s nature and the information resident on it.
Standard physical destruction techniques include breaking the storage media into unusable shards through grinding or the use of an HDD shredder machine, melting or incinerating the media using a licensed incinerator, vaporizing or pulverizing hard drive using a combination of heat, pressure, and chemicals, degrading storage materials by applying corrosive acids, or applying extremely high voltages to the media.
NIST media sanitization guidelines provide legally and globally recognized principles for businesses to apply in their media sanitization processes. These measures also protect data from unauthorized access by giving clear methods to ensure data is erased completely and cannot be recovered. NIST guidelines for media sanitization apply to flash, magnetic, and any other type of storage devices.
NIST sp 800 88 guidelines for media sanitization outlines three ways to erase data effectively:
this method provides moderate protection by erasing data from all user storage devices using logical techniques such as factory resets to the storage devices or overwriting with new data to erase old information.
Purging uses laboratory methods to permanently erase data in host protected areas and device configuration overlays. Companies should create data purge policies to ensure outdated data is removed regularly to create more storage space for newer data.
Destruction also applies laboratory methods to destroy data and the storage device as well. This technique renders data completely unrecoverable by shredding, melting, incinerating, or pulverizing. Destruction is the most effective technique, especially for end-of-life storage devices.
Another important feature in the NIST guidelines for media sanitization is verification. Media sanitization is never complete without verification because confidential data may still be vulnerable to unauthorized access if data sanitization methods are ineffective. NIST lays out two verification options:
Blancco has automated the verification process for businesses to apply to their preferred sanitization procedures to bridge the gaps created by inadequate sanitization methods.
Media sanitization best practices for your organization begin with establishing a data destruction policy to run in line with your data retention policy. This policy governing media sanitization means that your company should set out procedures to guarantee that all storage devices and media that are no longer being used have their contents securely sanitized, destroyed, or overwritten, beyond the reach of laboratory attacks advanced data recovery techniques. This will help reduce the risk of data leakage or breaches and help keep your organization in line with all relevant data privacy and data governance obligations.
In addition to a data destruction policy, you should also ensure that you have ready access to all relevant documentation concerning the Chain of Custody charting the handling of all equipment and storage media that are entrusted to third parties, and confirming the processes used to sanitize and destroy all data and media. So, for example, if you engage the expertise of a hard drive destruction service, make sure they provide a certificate of hard drive destruction (or Certificate of Destruction) for each hardware component they dispose of.
Note that most current legislation requiring data management policies and procedures also requires formal documentation of all data retention and destruction activities. So having this documentary evidence will assist your organization in meeting compliance obligations and in passing all the necessary audits.
Various government agencies have also set out formal guidelines and best practices for media sanitization and data destruction. For example, the Department of Defense, in its document DoD 5220.22 recommends that “Functional drives should be overwritten three times prior to disposal or reuse.” And NIST 800-88 states that “Modern hard disks can defy conventional forensic recovery after a single wiping pass.”
If you’re seeking outside help, ARMA International’s book Contracted Destruction for Records and Information Media guides how to obtain data and media destruction services.
The media sanitization procedure below provides guidelines on how to erase data from your storage devices:
The scope highlights the number of media devices with sanitized data, data confidentiality levels, and the sanitization process’s business functions. The scope should also include whether the sanitization process will be done on or off premises and which data sanitization company to engage for this exercise.
The data sanitization method is determined by the scope you defined above. For example, if non-confidential data does not affect customer and business privacy policies, the clear and purge method is ideal. On the other hand, if the data is confidential and can affect business operations, the destruction method is the best choice. The best practice is to engage a data sanitization service to guide you on the best alternative for your needs.
TechReset specializes in data sanitization and other ITAD services. Our data sanitization methods effectively erase data while taking into account data privacy and sanitization cyber security concerns. We apply various techniques such as CMRR secure erase to destroy data from your hard drives and ensure environmentally safe processes.
Once we complete the data sanitization and verification process, we provide you with a detailed report that documents the sanitization results for audit purposes.
Contact us today so we can start the media sanitization process for your IT equipment.
Besides sustainable practices and alignment with your own CSR objectives, there are other criteria you can use in assessing a hard drive disposal service that can satisfy your needs.
Be wary of companies that advertise “shredding” but actually use a piston punch methodology. If incorrectly applied, a piston punch can leave data on drives in a recoverable state. Some of the less reputable disposal vendors may also try to outsource hard drive destruction to a third party.
Proper audit trails and documentation can guard against this to a large extent. A reputable hard drive disposal service should have no problem in providing a “Chain of Custody” trail charting each stage in the handling of your equipment — on paper, in photographs, and on video recordings. Some services will go the extra mile by fitting their facilities and transport vehicles with alarms and CCTV monitoring.
Each time the disposal service destroys a hard drive, they should provide a certificate of hard drive destruction, which acts as your documentary evidence of disposal for auditing and regulatory compliance purposes.
Finally, a reliable and NAID-certified hard drive disposal service may provide free quotations based on the number of items to be destroyed and offer a range of destruction methods geared towards different storage technologies.
TechReset specializes in the secure and sustainable disposal of electronic waste (e-waste) and secure erasure or eradication of all confidential data through hard drive shredding or certified data cleansing. We use industry best practices to repurpose older or unwanted IT assets in an environmentally friendly manner, providing our clients with peace of mind—and often money back in your pocket.
Decommissioning a data center is an extensive responsibility. Apart from shutting down servers and dismantling the equipment, you must make sure the detailed data destruction
Privacy is imperative. You need to ensure that you keep your information safe and sound at all times. You should never share vital details about
Data Privacy Laws are important to your business, and they are often changing. Even though it is imperative to make sure your organization is compliant
