HDD/SSD Erasing

Importance of Erasing

PCs and file servers used for work store a large amount of personal and confidential information on HDDs and various recording media. If corporate/individual users dispose of these recording media without knowledge, there is a risk that personal and confidential information may be leaked. Therefore, securely erasing data before media disposal is an extremely important issue for governments, medical institutions, financial institutions, and all companies and individuals that handle personal information. In particular, due to the characteristics of magnetic recording on HDDs, even if the data is physically destroyed by drilling holes without erasing the data, the data cannot be read out from the magnetic field remaining on the undamaged platters using advanced analysis equipment. Therefore, it is important to erase data beforehand even if physical destruction is to be performed.

Related link: Mistakes when erasing data - Data will not be deleted with that method!

Data Erasure and Reuse

There are two main types of erasing data on HDDs and recording media: logical erasing and physical erasing. (Erasure and physical destruction are separate processes, so their explanation will be omitted in this section.)

■ Logical erasure

This is a method used by the duplicator manufactured by U-Reach Data Solutions Inc., which overwrites the HDD containing data with hexadecimal 0x00 or random character strings, making the original data unreadable. HDD functionality is not lost, so it can be reused.

■ Physical erasure

By irradiating the HDD with a strong magnetic field and completely demagnetizing the magnetic force on the recording surface, data cannot be read. Because the magnetic field necessary to record data is lost, the HDD cannot be reused and must be discarded.

Standards for Complete Erasure

Different countries and industries have different standards for complete data erasure. Duplicators manufactured by U-Reach Data Solutions Inc. are highly reliable according to their standards and can erase data using an erasing method that is often used by companies. Additionally, some models allow erasing using even more reliable standards.

■ Complete erasure standard adopted by all duplicators manufactured by U-Reach Data Solutions Inc.

・One-time overwrite erasure according to NIST SP800-88r1 guidelines

・3-time overwrite erasure according to DoD 5220.22-M standard

About SSD Secure Erasure

To extend the lifespan of NAND flash, SSDs perform various internal processes such as transferring data to less frequently used blocks (cells) and preventing writes to frequently used blocks through wear leveling. Therefore, data written in all blocks may not be erased with one overwrite erase.

If you perform multiple erases, wear leveling may work against you and erase all blocks, but the more writes you perform, the more stress will be placed on the NAND flash, and it will wear out.

Secure erase of SSD erases SSD using the method specified by each SSD manufacturer. Since the secure erase program is written in the SSD's firmware, it is difficult to know what kind of erase is being performed, but it is generally recommended to disable wear leveling and erase all blocks. It has become. However, some SSDs perform their own processing and can complete the process in a short time.

Physical Destruction

Destroying or shredding a hard drive is of great importance when it comes to safeguarding sensitive data and ensuring privacy. Outdated hard drives often contain valuable information that, if fallen into the wrong hands, could lead to data breaches, identity theft, or other security risks. Destroying or shredding a hard drive physically damages the storage medium beyond repair, rendering the data irretrievable.

This is particularly crucial in situations where the information stored on the hard drive is highly sensitive or confidential, such as personal or financial records, classified government data, or proprietary business information. By opting for a complete erasure followed by destruction or shredding, individuals and organizations can ensure that their data remains immune to any potential breaches or unauthorized access, thus safeguarding privacy and maintaining compliance with data protection regulations.