Mr. Saltzman,

I cannot disagree more with your statements in this article. The information provided is clearly not correct on many counts.

First off, there is no standard or common criteria established for the destruction of legacy hard drive data. Period.

DOD 5220 is an antiquated technology that is no longer recognized by the US or any other government, regardless of what the software vendors want you to believe.

DSX is a product produced by the RCMP for data sanitization, and is not a standard. It is also a technology that the RCMP is looking for a suitable replacement for, as they no longer with to support it.

Second, software based data sanitizing solutions are woefully inadequate in doing an effective job. This is due to the nature of the construction of a hard drive. With embedded controllers, these devices internally manage their own bad sectors and tracks. As such, once the drive attempts to write data to a bad track or sector, and the device determines the track or sector bad, the drive will lock these bad tracks or sectors, leaving remnants of the legacy data in these locked sectors, and reallocate the active data to reassigned slip tracks or sectors. Although these tracks and sectors are marked bad, there is a very high probability that the original data is locked in these areas in either an intact or semi-intact state. As the drive controller has locked these sectors. The PC is incapable of accessing these areas when using a data overwrite software package.

Overwrite technology functions by overwriting existing data with additional data patterns in an attempt to obfuscate the existing data. Considering the operation of writing data, the device is using short bursts of magnetic energy from the drive head to achieve coercion of the magnetic media on the disk platter. This action will accomplish coercion of the top layers of magentics, and only over time will lower layer magnetics realign to the same polarity. This is how companies such as Ontrack are capable of restoring data from overwritten drives. These lower level magnetics leave an artefact capable of being recovered.

Furthermore, the reason that most software products use multi-pass processes is due to the fact that there is a 10% skew rate on the head landing position on the track. The multi-pass process attempts to use the law of averages to make sure that the areas to the left or right of the track center are effectively overwritten. Any data not overwritten by this process will render recoverable data artefacts on either side of the track.

In the past few months, there has been some recognition of Secure Erase as a viable means to effectively destroy legacy hard drive data. See the National Institute of Standards and Technologies published recommendation NIST 800-88 for more information. The NIST states that Secure Erase is the single most means of data destruction second to effective physical destruction (meaning granularization of the data medium to a particle size smaller than can accommodate a complete 512kB block, or less than 1/125th of an inch). Unfortunately, secure Erase cannot be reliably invoked as software, as most BIOS manufacturers have inhibited the passing of this string to the drive due to the potential devastation that SE can cause if exploited by virus or malware authors.

Considering other means of destruction such as Degaussing, this technology is a connectionless technology that is limited in effectiveness in sanitizing hard drives. As the chemistry of drive platters reaching 1Tb require up to 15,000 Oerstead of Magnetic energy to accomplish coercion, present degaussing technology, originally designed for tapes and low density magnetic media, will not be able to effectively destroy hard drive data. Additionally, having no connection to the device, they are not capable of maintaining an automated audit log of devices processed.

Like Degaussing, physical shredding is typically carried out by external service providers. This service requires the shipping of the device to an external service provider, whereby costing the client the loss of Care, Custody and Control of the storage device. In a day and age where there is a lot of focus on network security, the volume of information that can be captured from a network breach is a drop in the bucket compared to the volumes of data contained in a hard drive. A savvy hacker would go after poorly protected legacy storage devices than go after perimeter vulnerabilities.

Where does my background come from??? Well, my Company Converge Net is a solution provider focusing on delivering data Loss Prevention solutions to enterprise looking to convert stagnant policy into actionable IT objectives. We aid clients in a variety of sectors in attaining realistic levels of protection to meet their required compliance levels. In delivering our solution we have found that one of the single most ignored components of any compliance or security policy is the decommissioning stage of legacy stored data. As such we had researched the practices and technologies available to address this important concern. To say the least I was astonished to see the range of 'solutions' practiced or recommended. Many of these ranging from plain old foolish to just outright dangerous.

What we did find is a technology produced by a company called Ensconce Data Technology Inc. called Dead on Demand. This product is sold as an appliance that effectively decommissions 3 drives at a time using secure erase. At the end of the cycle, the device is rendered forensically unrecoverable, and is left with a standard format or standard image ready for re-deployment.

Unlike overwrite technology, the legacy data is unrecoverable by any means, and takes 1/8th of the time required by overwrite type methods. Typically a 100Gig drive will be processed in under an hour.

The dead on Demand is presently in use by a number of government offices worldwide, as well as, being adopted as a standard for a variety of enterprises, banking and finance orgs, and compliance practitioners as their standard for in-house data sanitization technology.