![]() When the crypto command is accessed, the cipher key is destroyed and all data on the disk is unable to be read. With ISE each disk creates a cipher key that is used to encrypt data as it is being read or written. This command can be utilized by both hard disks and solid state drives if available. Instant secure erase contains the commands of secure erase but also adds a "crypto" erase (CE) command. Instant secure erase is a super-set of secure erase and utilizes encryption to make data unreadable. The firmware allows for the drive to sanitize itself, and as a result the sanitization is fairly quick compared to other methods which use software to write over data. While SE might seem to do the acceptable bare minimum for data sanitization, it is widely used because the data sanitization comes from the hard disk itself. Block erase is essentially the same thing except exclusive for solid state drives (SSD), “electrically” erasing each block of the drive. To fully destroy all data, more than one overwrite may be necessary. ![]() This is because the NIST standard is meant for erasing unimportant data effectively, but can still be partially salvaged with high-end data recovery methods. It is also worth noting that the US Department of Defense requires four cycles according to Hewlett-Packard. Secure erase only performs one cycle of data overwrite as accepted by the NIST. Overwrite writes over the data with binary 1’s and 0’s to not only erase data but make it unable to be restored. The firmware typically allows for two types of commands overwrite, and block erase. Secure erase is also only accessible through software that can interface directly with the disks as well. This does not mean that other sanitization methods should not be used, it simply means that secure erase should be enough to delete data from hard disks. There are many utilities, software, and packages that can erase data securely, however the main difference is that SE is supported by the National Institute of Standards and Technology (NIST) as an acceptable way of sanitizing data. Secure erase is essentially a set of commands in the firmware of more modern PATA and SATA hard disks that allows for complete data overwrite of a hard disk. ![]() Secure erase (SE) and instant secure erase (ISE) are two popular types of data sanitization. Data Sanitization: Secure Erase vs Instant Secure Erase ![]()
0 Comments
Leave a Reply. |