Is the Data Really Gone? A Primer on the Sanitization of Storage Devices

Presented by

Jonmichael Hands, Chia Network; Jim Hatfield, Seagate; John Geldman, KIOXIA

About this talk

What do you think is a more secure way of securely removing data from a hard drive - putting it through a shredder, or doing an instant secure erase? The answer might surprise you! Companies go to great lengths to secure their data and prevent confidential information from being made available to others. When a company is done using its ICT equipment, including the storage device, it is important to render the data inaccessible. Sanitization is process or method to render access to target data on storage media infeasible for a given level of effort. SSDs and HDDs have various security features that make this sanitization quick, secure, and verifiable. We will go over the different types of sanitization defined in the new IEEE P2883 Specification for Sanitization of Storage, including “clear”, “purge”, and “Destruct”. We will cover easy ways to perform these methods in mainstream storage interfaces like SATA, SAS, and NVMe. We will cover some recommendations for the verification of sanitization to ensure that devices are meeting stringent requirements. Selecting the proper form of media sanitization with data sensitivity also needs to be weighed with the consequences of physical destruction. Circular business models are essential for the ICT industry, as a large percentage of energy and carbon emissions come from manufacturing products. Circular business models design waste out, keep materials in use as long as possible, and restore environmental systems in the process. Physical destruction, quite obviously, prevents further use phases for a device. We will cover the purge technique for media sanitization that can be quick, secure, reliable, and verifiable - and most importantly keeps the device in one piece.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (144)
Subscribers (55278)
SNIA is a not-for-profit global organization made up of corporations, universities, startups, and individuals. The members collaborate to develop and promote vendor-neutral architectures, standards, and education for management, movement, and security for technologies related to handling and optimizing data. SNIA focuses on the transport, storage, acceleration, format, protection, and optimization of infrastructure for data.