Oct 26, 2016 - 06:52 AM
I did some work at a big IS based defence contractor and when we did our due diligence we selected a product called "WipeDrive". It met all the require certification and allowed us to wipe up to secret data. Anything above that i believe you wipe but need to also physically destroy the hard drive, good luck
Oct 26, 2016 - 07:19 AM
DBAN offers many, many data wipe methods including DOD short, DOD 5220, RCMP TSSIT, Gutmann Wipe, & PRNG Stream.
NOTE 1): The most comprehensive methods available from DBAN can take more than a day to complete the wipe. A 500Gb drive using PRNG Stream or DOD short can take an entire day.
Note 2) DBAN is not suitable for SSDs, only platter-based drives..
Note 3) If you are ultimately ditching the drives, do a short wipe, then consider a drive destruction service.... or buy a used metal drill and have some fun.
Oct 27, 2016 - 02:14 AM
Fantastic question, and one that is very relevant in terms of software compliance and data security.
I remember one organisation that I worked for booted all hard drives using a standard machine, and then manually removed all of the software and files by simply pressing 'delete'. They would then take the hard drive out of the machine and scratch the disk with a screwdriver!
They thought this made the hard drive unreadable and therefore people couldn't gain access to any data left on there. Is this the case, or are they at risk?
Oct 27, 2016 - 05:15 AM
Oct 27, 2016 - 06:07 AM
If you are donating the devices to charity, then use DBAN on each device. Use a DoD Short-3 method. It will take one day to do a typical Hard-drive. It's free and it works.
David: 'Delete' doesn't cut it; that just wipes the file pointers, not the data. And scratching the disk won't cut it either; many HDD's are multi-platter.
Oct 27, 2016 - 11:39 PM
Oct 30, 2016 - 03:36 AM
In the infosec work we have done in integrating this to a customers internal processes, we employ the retirement / hardware replacement process where we insert a step to classify the security role / data that the device has had. These sorted devices are then processed dependent on their categorisation:
- wiped electronically using software and then using magnets (degaussing) as overwriting is no longer acceptable by government for cleaning of magnetic media
- wiped electronically using software followed by magnets and finally sent for physical destruction
When looking at software do make sure you choose an application that has the ability to boot separately to the target drive. If you are trying to wipe a system drive, if it is the boot drive you will limited success. If DiskWipe (which does not support boot drive wiping) is the tool you have, it is possible staff / contractors may come across a drive / device they cannot wipe and skip it. You need a tool that can handle every eventuality.
Have a look at DBAN which allows you to boot up and then wipe all drives on the target device, secure & efficient as it does not require the drive to be removed from the device.
Apr 20, 2017 - 02:35 AM
This software might helps you internally to wipe storage devices.
Aug 30, 2017 - 01:27 AM
As a vendor in this market we have done the attached comparison for our internal use - no guarantee that is it accurate and comments are welcome.
For EOL wiping i.e. decommissioning our BCWipe TWO (for Total WipeOut) is good and can be used to wipe single drives using e.g. bootable USB stick, or to run major wiping centers for decommissiong thousands of drives with disk traceability and so on. For keeping your discs "hygienic" during use and taking care of data spills selective BCWipe wiping works. Former is ADISA approved (magnetic, SSD, hybrid) and complies with numerous standards and schemes (http://www.jetico.com/solutions/by-ne...), while the latter is NIAPC compliant and used by US defence sector (https://www.ia.nato.int/niapc/Product...).
Excuse me is you feel this is too marketing-oriented.
Founder and Chairman of Jetico Inc.
Jun 15, 2018 - 09:44 AM
As a vendor in this market, we are familiar with the different tools.
I'd caution using DBAN as they do not support SSDs and do not provide an Audit Report.
Best of luck!