Tag: hdd

NIST Guidelines vs. the NSA EPL on Hard Drive Destruction: Clearing Up Confusion

February 5, 2019 at 5:44 pm by Heidi White

hard drive destructionOver the 20 years I have been working for SEM, I have explained to customers and former military colleagues about the requirements for classified destruction. Lately these requirements have become stricter due to the ever-changing technologies. It’s not as easy as just putting your paper in a shredder or disintegrator and walking away knowing your classified is destroyed. Your classified now comes on many types of media. With so many types of media, a requirement had to be set forth by the National Security Agency (NSA) as to how these needed to be destroyed. We will discuss destroying hard drives as it relates to the National Institute of Standards and Technology (NIST) 800-88 and NSA Evaluated Products List (EPL) for Hard Drive Destruction.

For this blog, I will only discuss a brief overview for the destruction of hard disks (SCSI, ATA, SATA). NIST 800-88 explains on page 16, table 5-1 there are three methods of destroying hard disks. The first is to CLEAR. This method uses software to overwrite the storage space on the media with non-sensitive data (unclassified) and gives you the option to reuse your hard drive. The second is to PURGE. This method uses degaussing and the Secure Erase command present on some ATA drives. This method is very effective again for unclassified drives. The third method is PHYSICAL DESTRUCTION. This method is the standard for classified data and it destroys the drive by using disintegration, pulverization, melting, or incineration.

emp 1000HS
SEM’s NSA listed Model EMP1000-HS degausser is an ideal solution for rotational hard drives; however, degaussing has NO effect on solid state media.

The second paragraph of the NSA/CSS EPL for Hard Drive Destruction Devices states, “Hard drive destruction devices on their own DO NOT SANITIZE magnetic and/or solid-state storage devices; use of these machines is only authorized in conjunction with degaussing for routine magnetic hard disk drive sanitization or by themselves only in extreme emergency situations. Sanitization guidance for classified storage devices is located in the NSA/CSS PM 9-12 Storage Device Sanitization Manual.” This leads you to believe that degaussing could be used on a solid state drive (SSD). This is misleading! A magnetic field created by a degausser will cause no damage to an SSD. A degausser will only destroy information on a standard rotational magnetic drive.

ssd shredder
Classified SSDs must be disintegrated to a 2mm particle size.

In the third paragraph it states; “All shredders designed for hard drives are approved for deformation of magnetic hard drive platters. Shredding alone will NOT SANITIZE magnetic and/or solid state storage devices unless a two-millimeter particle size or less of the magnetic disk or solid-state memory chip is accomplished in accordance with NSA/CSS PM 9-12 Storage Device Sanitization Manual.” This states that if you have a hard drive or SSD, you can shred it to a 2mm particle to sanitize the drive. This is confusing. Although the NSA guidelines REQUIRE you to reduce a classified SSD to a two-millimeter particle to render the device sanitized, the machine that does this may not be able to shred a standard magnetic hard disk drive to this two-millimeter particle. This is due to the size and materials used in the manufacturing of a magnetic hard disk.

In conclusion, in order to completely destroy the information in a hard drive is a two-step process for a magnetic hard drive and a single step process for a SSD.

A magnetic disk MUST BE degaussed using an NSA approved degausser THEN physically destroyed. This second step of physical destruction is left up to the end user and can vary greatly. It can be as simple as drilling a hole in the drive, hitting it several times with a hammer, or using a hydraulic punch or hard drive shredder. A solid state drive MUST be shredded to a two-millimeter particle and cannot be degaussed.

If you have any questions or would like to talk to a security professional, feel free to reach out to me or any SEM representative.

Karl Lotvedt, DC Region Sales Support, has over 20 years of experience with SEM, including targeted expertise in understanding military procedures and requirements. Prior to joining SEM, Karl spent 20 years in the United States Air Force including over five years in procurement. Now retired from the Air Force, Karl currently serves as an Air Force resource advisor. Karl received his AA and CIS from National College in Rapid City, SD.

Hard Disk Drives – Types, Sizes and Future Technology

December 21, 2018 at 1:54 pm by SEM


What is a Hard Disk Drive?

A Hard Disk Drive (Commonly referred to as a hard drive or HDD) is a device that stores digital data. It includes rigid platters made from aluminum alloy or glass coated with a magnetic material and housed within a metal case. The data is encoded magnetically and floats on a cushion of air above the platters, to put it simply.

The Many Forms of HDDs

HDDs come in various shapes and sizes. The hard drive suppliers and computer industry refer to them as 1.8”, 2.5” or 3.5” form factor drives. These form factor descriptions refer to the approximate physical diameter size of the platters that are housed within the drive casing and account for over 95% of the drives in use today.

Another way to describe hard drives is by the market segment to which they are designed. You will hear the term desktop, server, enterprise (all 3.5” drives) or mobile drives (2.5” or 1.8”) as a common description.

In order to increase the capacity of data that is stored on a platter, in 2005 the technology of storing information in a longitudinal magnetic recorded (LMR) format was changed to a perpendicular magnetic recorded (PMR) mode. Virtually all new drives purchased today are PMR drives. In order for this method of recording to be accomplished, the disk areal density (known as coercivity) had to increase up to 5,000 Oersted.

Future Drive Technology

Today’s HDDs are based on magnetic media technology with read/write heads that read the stored data that resides on the internal platters. Due to the moving parts on a hard drive, they are all subject to wear and eventual failure. The good news is that most magnetic drives have built-in diagnostics to warn the user of an eventual failure. This gives the user time to back-up the data to help mitigate the loss of any data. Drives based on flash memory are also available. These drives do not have moving parts. These memory drives are particularly important in applications where the movement of the drive itself may cause a head crash and thus a catastrophic failure. They are typically much smaller in size and therefore ideal for smaller devices that require data storage.

Summary

The most commonly used hard drives in today’s computing world are the 3.5”, 2.5” and 1.8” form factor drives based on PMR Technology. They represent over 95% of the drives currently being used in the marketplace.

While industries continue to adopt SSDs as new storage devices, HDDs aren’t going away just yet. So it’s important to know not only how they work, but also how to properly dispose of them. To learn more about HDD data destruction check out some of our products here.