Data sanitization is the process of deliberately, permanently and irreversibly removing or destroying the data stored on a memory device to make it unrecoverable. A device that has been sanitized has no usable residual data, and even with the assistance of advanced forensic tools, the data will not ever be recovered. Broadly, There are two methods to achieve data sanitization: Data Erasure and Physical Destruction.
Data erasure is the software-based method of securely overwriting data from any data storage device using zeros and ones onto all sectors of the device. By overwriting the data on the storage device, the data is rendered unrecoverable and achieves data sanitization.
To Achieve Data Erasure, the Software Must:
1). Allow for selection of a specific standard, based on your industry and organization’s unique needs.
2). Verify the overwriting methodology has been successful and removed data across the entire device, or target data (if specifically called).
3). Produce a tamper-proof certificate containing information that the erasure has been successful and written to all sectors of the device, along with data about the device and standard used.
Pros & Cons of Data Erasure:
Data erasure is the highest form of securing data within data sanitization, due to the validation process for ensuring the data was successfully overwritten and the auditable reporting readily available. Data erasure also supports environmental initiatives, while allowing organizations to retain the resale value of the storage devices. Data erasure, however, is a timelier process than other forms of data sanitization. And, data erasure forces organizations to develop policies and processes for all data storage devices.
Physical Destruction is a process of shredding hard drives, smartphones, printers, laptops, and other storage media into tiny pieces by large mechanical shredders or using degaussers.
Degaussing is a form of physical destruction whereby data is exposed to the powerful magnetic field of a degausser and neutralized, rendering the data unrecoverable. Degaussing can only be achieved on hard disk drives (HDDs) and most tapes, but the drives or tapes cannot be re-used upon completion. Degaussing is not an effective method of data sanitization on solid-state drives (SSDs).
Pros & Cons of Physical Destruction:
Physical destruction is an effective method of destroying data to render the data unrecoverable and achieve data sanitization. Physical destruction can be harmful to the environment and destroys the assets so they are unable to be reused or resold.