Hard Drive Data Destruction and Sanitization: Understanding Your Options

December 18, 2018 at 9:23 pm by Heidi White

cyber-security-hard-driveIn the age of sophisticated cyberattacks and data breaches, digital security continues to be a primary concern for government organizations and businesses of every industry. To be effective, today’s security procedures must treat internal threats with the same level of importance as external threats. While it may not be the first thing that comes to mind, a key element of your overall digital security strategy is your plan for what you do with information when it’s no longer needed. Hard drive data destruction is a general term for the process of clearing all sensitive information from your computer hard drives and solid state drives (SSDs), and it’s an essential step for protecting your organization, your customers, and your employees.

There are three methods of hard drive data destruction: erasing (sanitizing), crushing, and destroying. Here’s a look at each option.

Sanitization of the Hard Drive (Erasing): Degaussing

degauss-destroy
L to R: SEM Model EMP-1000HS degausser, SEM Model 0101 hard drive crusher, and SEM iWitness media tracking solution

Degaussing is a very effective method of erasing data on magnetic media (hard drives and or data tapes). If you are trying to erase unclassified or sensitive data, a commercial degausser such as the SEM Model EMP-1000 is a perfect solution. The SEM EMP-1000 is the most powerful commercially sold degausser in the marketplace today. With the strength in power at 16,000 gauss (1.6 Tesla), it erases the highest coercivity magnetic media available today without the use of adapters.

However, if you are erasing classified or highly sensitive magnetic media, the  NSA listed SEM EMP-1000HS would be the correct choice for your organization. The EMP-1000HS is a 20,000 gauss (2.0 Tesla) machine that has been evaluated by the National Security Agency for use on classified media.

Considerations: when choosing to sanitize hard drives, be sure to choose a company such as SEM that offers both NSA approved and commercial (PII/CUI) type degaussers. Regardless of the sanitization level required, don’t take the easy path of simply reformatting the drive or removing the directory. These methods simply make the data on the hard drive harder to find. The hard drive should be completely erased (sanitized), which the SEM EMP-1000 series can assure your organization on every single degauss cycle.

Crushing the Hard Drive

hard-drive-crusher-sledgehammer
A hard drive is decommissioned with a SEM Model 0101 hard drive crusher, which is used to permanently destroy the units according to the approved destruction method at Malmstrom’s client systems center. In order to prevent unwanted review of old files and documents, physical storage mediums are degaussed and physically broken before being recycled. (U.S. Air Force photo/Airman 1st Class Collin Schmidt)

Most organizations and their IT leaders know that destroying a hard drive is the most secure way to dispose of data, but they often mistake damaging it for actual drive destruction. Damaging a hard drive with a hammer or by driving a nail into it is less time consuming than hard drive shredding or crushing, but it is also much less secure. For lower volume applications, hard drive crushing is the most secure and economical solution.

SEM’s Model 0101 automatic hard drive crusher is a hard drive crusher that has been evaluated by the NSA and meets NSA and DoD compliance guidelines for the physical damage of media. Note that all classified rotational hard drives MUST be degaussed prior to destruction. Not only does the Model 0101 punch a hole in the drive, it also bends the platter, rendering the drive inoperable. This handy device is compact and affordable, making it the ideal solution for smaller installments or where portability is of key importance.

Destroying the Hard Drive

The fastest and easiest way to destroy a hard drive is to shred it. Hard drive shredders quickly chew up hard drives to particle sizes ranging from 0.75″-1.5″ for rotational media to 0.375″ for solid state media. The SEM Model 0315 Combo Shredder is SEM’s best-selling hard drive shredder that destroys both HDDs and SSDs in one convenient device.

Considerations: The most compliant form of rotational hard drive data destruction that protects your organization from liability associated with data stored on magnetic media’s the NSA’s two-step process of degauss and destroy. This process is only NSA compliant when NSA listed devices are used. Consider the SEM Model EMP-1000HS degausser and the SEM Model 0101 hard drive crusher or SEM Model 0315 hard drive shredder. However, solid state media is not degaussable and stores significant amounts of data on tiny chips. Therefore, the most secure way to destroy solid state drives is by following the NSA directive that mandates a 2mm or less particle, such as is achieved with the SEM Model 2SSD.

 

Mike Palaia is Western Regional Sales Manager at Security Engineered Machinery (SEM)