Ensuring Verified and Complete Drive Erasure

BY

Tom Ricoy

|

July 2, 2020

Drives Report Having Wiped but Data is Still on Drive

IT leaders are responsible to protect data at all times, including when devices transition from one user to another, are retired, or donated to schools or charities. Failure to protect critical data including PII, intellectual property, trade secrets, and in some cases classified information is a violation of laws including HIPPA, GDPR, CCPA, etc. as well as puts companies at risk from competitors or negative brand perception and can be a risk to national security.

IT leaders know this and take data removal seriously. Before transitioning drives, they follow industry best practices to wipe drives using products that perform ATA Security Erase, adhering to NIST 800-88 standards, and even paying for managed services to perform certified wipes. Manufacturers provide a response from the drive indicating the security erase command completed successfully.

Unfortunately, drives have been found on eBay and in the wild with PII and sensitive information on them. New research shows drives have reported a successful erase when in fact there is still critical data on them. CPR Tools, one of the industry’s leading service providers for data disaster recovery and data destruction services, found that 8 out of 10 drives reported a successful erasure while data still remained.  

There are many reasons drive wipes fail including bad sectors, command not implemented correctly, hardware failures, erasure program failures, and human error.

End-of-life Secure Erase Validation

Cigent TrueErase™, available on K2 and Everest drives, was created for firmware-based verification that all of the data has truly been wiped. After a firmware-based secure erasure command (ATA Security Erase, Sanitize, Format NVM, etc.) command is sent to the drive, TrueErase verifies with 100% certainty that all of the data on the entire drive, with the exception of the firmware, has truly been wiped and then provides a report to verify it.  

In future releases, the drive can also be configured to automatically retry erasures on failed blocks during the secure erasure process or notify the user that it was unsuccessful and suggest it be destroyed.

Cigent K2 and Everest with TrueErase™ are the only solutions in the market that provide verification that the data has been completely wiped from the drive.

Cigent D3E protects your files in a way that's never been done before.

Learn More

Explore more articles.

Protect your organization's most valuable asset—your data.

Contact Us