How to do data erasure ? Why "format" and "delete" not enough ?

- 2024-01-11 -
There are three methods to do data erasure. They are degaussing, data wiping and shredding.

Degaussing can be applied to magnetic storage such as hard disk, magnetic tape, audio cassette tape, floppy disk. It is using powerful magnetic field of a degausser to neutralize or erase data on magnetic storage. To fulfill the compliance, you need to check the power of the degausser For our company, we will use a degausser with 9000OE to perform the degaussing.

Data wiping means overwriting the data in storage in order to make original data is unreadable. depends on different compliance, different type of overwriting type will be used. The most frequently used types include a single pass overwrite, a three pass overwrite, a seven pass overwrite, and a secure erase. You need to check which compliance you need to follow and select correct or higher level of wiping type. For example, HIPAA require certain data-wiping specifications for your industry, so make sure to check what is required for the type of data you are wiping. For "secure erase", it is firmware level overwrite command applied to SSD. It is quicker than the normal overwrite method.

Shredding is using a destruction to physical destroy the hard disk and make data in the hard disk unreadable. To fulfil the compliance, it should be shredded using a suitable media shredder. Other shredding methods, e.g. destruction with a hammer, may not be enough to fulfill the compliance.

"Format" and "Delete" is a software command to delete data in the storage. But those command cannot completely erase data in the storage, many tools can be used to recover data after "Format" and "Delete".