Verification of clearing or purging of storage med... - Page 2

ericgeater · ‎08-17-2023

This particular thread shed some light on the subject of data removal from storage media, and as I am currently evaluating software removal (with simple tools like Disk Wipe and sdelete from SysInternals), the whole thread is interesting to me.

But I'm also curious to know what software tools y'all might recommend to verify that a drive was successfully cleared, purged, or encrypted. At present, I'm evaluating DiskView (another SysInternals freebie), but felt like I'd ask if ya'll have a preferred method of clear/purge validation.

Thanks!

eric

-----------
A claim is as good as its veracity.

Caute_cautim · ‎08-18-2023

All

Lets do it like the professionals do: https://www.maxxeguard.com/

It is the only high security hard disk shredder of its kind. With minimum noise MAXXeGUARD easily destroys hard disks (hard drives) up to the highest security levels as well as other digital data carriers like SSD’s, LTO’s, USB’s, CD’s, PDA’s etc . With the MAXXeGUARD you can vary the cut length from 70 – 1 mm. This allows you to choose the correct cut length for each product type and in accordance with the security classification of the stored data ( classified / non-classified ).

Watch the youtube video and be enthralled..... Why waste time, energy, safety etc.

Plenty of other choices to consider, a thing of beauty - just make sure you ensure the audit team have signed off the material as this is a one way trip.

Regards

Caute_Cautim

Caute_cautim · ‎08-18-2023

@ericgeater

What is the difference between clear and purge?

Purge applies physical or logical techniques that render target data recovery infeasible using state-of-the-art laboratory techniques. Purge provides a more thorough level of sensitization than Clear and is used for more confidential data.

NIST Clear
Clear applies standard read/write commands, techniques, and tools, to overwrite data found in all user-accessible storage locations. It overwrites data with nonsensitive data (binary 1s and 0s) on media such as Advanced Technology Attachment (ATA) hard drives and SSDs.

Security level: Official
Level of data protection: Moderate, protecting against simple, noninvasive data recovery techniques
Can be used for: Floppy disks, disk drives, ATA hard drives, SCSI drives, flash media (USB sticks, memory cards, SSDs)
Pros: The storage media can be reused, reducing e-waste, and most devices support some level of Clear sanitisation.
Cons: It does not address data found in hidden or inaccessible areas.
Sustainability: Favorable outcomes, as assets can be reused (internally or externally, depending on the classification level of the overwritten data).

NIST Purge
Purge refers to a physical or logical technique (while Clear only uses logical techniques) that renders target data recovery infeasible using state-of-the-art laboratory overwrite, block erase, and cryptographic erase methods. It provides a higher level of media sanitisation than Clear and is thus used when handling more confidential data.

This then depends on the host country government security standards and related policies.

Regards

Caute_Cautim

Early_Adopter · ‎08-19-2023

Will it blend…?

Most assuredly… 😄

ericgeater · ‎08-21-2023

BTW, @Caute_cautim, while I was slightly disappointed that the Maxxeguard appliance was not the Blend-O-Matic™ that I expected, I was truly enthralled at its sheer (little joke there) effectiveness. Now I want one.

Also, the end goal for every drive has always been physical destruction. The clear-purge-encrypt angle prior to destruction is for defense-in-depth purposes, mainly because the industry never stopped evolving.

Case in point: our production PCs currently have a variety of drive technologies: rotational 3.5" and 2.5", solid state replacements which fit the 3.5" and 2.5" form factors, NVME and M2 chip drives, and on. Most of those fitting old form factors have barcoded serial numbers, useful for some tracking. The chips only have serials which get tracked by software.

Hard drives with serial numbers are a lot easier to track their destruction. Not to mention, their form factor is just more conspicuous because they're so easily identifiable. NVME and M2 chips could easily go into pockets, or get lost, or neglected, or misidentified. So they need a preventive solution, too.

-----------
A claim is as good as its veracity.

Caute_cautim · ‎08-21-2023

@ericgeater

Education mode for the masses: I learnt something too.

Non-volatile Memory Express (NVMe) is a host controller interface that increases the data speed of laptops, PCs, and gaming consoles. It is a substitute for the Small Computer System Interface (SCSI) standard and the Advanced Technology Attachment (ATA) standard. NVMe is a super-fast way (900% faster than the AHCI equivalent) to access non-volatile memory. Built on a high-speed PCIe interface, NVMe is also known as NAND flash memory that comes in several forms including SSDs, PCI Express (PCIe) add-in cards, M.2 cards, and U.2 connectors. NVMEs have been specifically designed for SSDs and hence they are fast becoming popular storage choices for laptops, PCs, and servers in data centers. NVMe-based SSDs work with all major operating systems, irrespective of their form factor.

M-dot-2 or M.2 is the Next Generation Form Factor (NGFF), a dynamic form factor SSD used in internally mounted storage expansion cards. It endures high data storage in thin, power-constrained devices like Ultrabook laptops and tablets. The size of M.2 SSD is smaller than other mini Serial Advanced Technology Attachment (mSATA), but it can process data at a much faster speed than SATA or SAS SSDs.

How to securely destroy:

https://www.bitraser.com/kb/how-to-wipe-nvme-and-m.2-drives.php

https://www.ibm.com/docs/en/linux-on-systems?topic=devices-secure-data-deletion-nvme-drive

https://www.bitraser.com/ppc/ssd-data-erasure-software.php?gad=1&gclid=EAIaIQobChMIjbGgocrugAMVgg97B...

https://nvmexpress.org/about/

Regards

Caute_Cautim

Verification of clearing or purging of storage media