Getting rid of sensitive data when it’s no longer needed is an important step in managing and protecting the business data. Once data has reached the end of its life, it’s important to dispose of that data securely.
What is data sanitization?
NIST Special Publication 800-88, Rev. 1, “Guidelines for Media Sanitization,” is a globally respected best practice document. In it, the U.S. National Institute of Standards and Technology says, “Sanitization is a process to render access to target data (the data subject to the sanitization technique) on the media infeasible for a given level of recovery effort.”
Likewise, the International Data Sanitization Consortium (IDSC) defines data sanitization as “the process of deliberately, permanently, and irreversibly removing or destroying data stored on a memory device to make it unrecoverable”— a definition in line with Gartner’s 2022 Hype Cycles.
In other words, a device that has been sanitized has no usable residual data, and even with the assistance of advanced forensic tools, the data will not ever be recovered. This is important, as drives or computers that are sold, donated, or even recycled can retain data long after they leave their original owner.
How do you achieve data sanitization?
Industry leaders agree that there are only three methods to achieve data sanitization: physical destruction, cryptographic erasure, and data erasure. however, if applied incorrectly, they could leave you with a false sense of security and leave data subject to unauthorized access.
Let’s look at these three methods:
Physical Destruction: For physical destruction to offer true security, no data storage areas can be left intact and destruction methods must be appropriate to the asset. For example, that means degaussing can’t be used on solid-state drives, and shred size must be small enough to break up today’s data-dense chips. Some standards specify a shred size of less than 2mm.
Cryptograhic Erasure: If encryption is properly applied from beginning to end, cryptograhic erasure is very effective in protecting data. However, it assumes encryption has been executed across all data on a device before encryption keys are erased. And, the less sophisticated the encryption, the more vulnerable the data is as decryption technologies improve.
Data erasure: This is a software-based process of securely overwriting data across all sectors of a device with random binary patterns according to a specified standard. The overwrite must be both verified and certified to ensure the erasure has been successful. This renders all data permanently unrecoverable while preserving the functionality of the device.
Secure data erasure can apply to both active and inactive environments across a variety of IT assets, such as servers, PCs/laptops, mobile devices, removable media, and loose drives. It can also apply to large, virtualized data centers and cloud environments. Targeted erasure in active environments can remove specified files, folders, or locations, such as logical unit numbers, verifiably overwriting data while leaving non-targeted areas intact.
What does not achieve data sanitization?
Many data disposal methods deliver incomplete data sanitization, including:
· Data deletion
· Reformatting
· Factory resets
· Data wiping
· File shredding
· Unverified data destruction
None of these methods include the verification and certification steps necessary to achieve data sanitization, and many are known to leave significant data behind.
When adopting a data sanitization method for your organization, consider that nearly all businesses deal with sensitive data of some kind, whether it’s customer information or proprietary business data. Data sanitization ensures this sensitive data is removed permanently for your organization’s protection from breaches and non-compliance fees.