Data erasing solutions?

Business/IT alignment
Disk drives
Project management
Hello everyone, I am currently working on a worldwide project and I need address one specific issue: Which is the better solution in terms of:
  1. Administration (time dedicated to daily production).
  2. Product effectiveness and by this I mean the products capacity to provide a 100% or close to in satisfying its goal (completely erasing data from hard drives).
  3. Cost (dilemma -"Hard drive erasing" or "scrapping").
Now to add some detail to context, this project concerns a service provider for a small section of automotive company where this solution will be tested. With the validation of this solution, the project will of course be deployed worldwide. Which solution can provide such services for a 40,000 PC parc? Or several PC parks of 200 pcs to 10,000 pcs? Sincerely, Tarlis Machado

Answer Wiki

Thanks. We'll let you know when a new response is added.

EBAN is a enterprise version of dban and widely used open source data removal and destruction software. I would recommend DBAN if cost is an issue. DBAN will wipe the harddrive clear of any data on them by writing over the disk multiple times with 1s and 0s. I wrote a review on dban and wipedrive. Wipedrive is commercial software used by government agencies. They don’t cost to much and are easy to use.

SCSI Hammer will process 30 drives at once while they remain in the enclosure and you can see a short video of the basic operation here.
This product meets the NIST 800-88 guidelines and if you need more information please feel free to contact me.

Discuss This Question: 11  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Stanslad
    I think you have two possibilities here, depending on if you want to reuse the drives. 1. Engage a supplier to physically destroy the hard drives. 2. Use a good disk encryption tool then reformat/reuse the drives.
    0 pointsBadges:
  • Tmachado
    Hello and thanks for responding, Our fleet are equiped with SATA, SAS, and IDE going from 40 GB to 80 GB on speeds of 7,200 to 15,000 tpm. And for the quantity, our fleet world wide represents 40,000 PCs but each site manages it's IT management so we will have sites going from 200 PCs to sites having 10,000 PCs. These numbers are shown to address licensing issues that we may encounter on each site. thanks for the trouble, Tarlis
    0 pointsBadges:
  • FlyNavy
    You have 3 options I know of. You can use a degausser, you can use an erasing progam, or you can destroy the drives. Certified degaussers can be expensive, but if you are centrally managing the erasures, with the number of drives you mention, time and effort would outweigh the cost. This is a mechanical, magnetic process. NSA certified erasing progams are available but take time to complete. You can purchase hard drive banks or build your own so you could erase multiple drives at once. I have seen banks that will do up to about 25 drives. The NSA approved approach writes 0s and 1s over and over until data recovery is guaranteed impossible. This takes time and management effort. Last, you can always either destroy the disks internally or hire a 3rd party to destroy the media. NSA also has information on what methods of destruction are approved. All these options are significant overkill unless you are moving drives from one company to another. If you are reworking PCs for internal use, there are several commercial products that will provide sufficient data erasure to keep data safe and ensure any licensing issues are maintained within the organization.
    0 pointsBadges:
  • Mortree
    Well one key question is whether you are erasing for protecting this compnaies trade secrets only or whether you have specific legal requirements to do certified erasure. Any program that does a Gutman erase would ensure data recovery is impractical for almost any budget. The actual program run doesn't need to be attended though you do need to know it completed successfully (see below). One example FREEWARE program If there are no specific outside legal limitations just use a freeware program otherwise have the local company programmer write you a simple program that implements Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory". The original calculations of the answer might have been rocket science but given the answer the program isn't. Simply set the GUtman erase program running on each retired PC before transporting. A GPO to install and run on boot. It would take about 8-24 hours to run. Your main concern would be ensuring that the program runs to completion and is not interrupted by untrusted/uninformed personnel or power loss. I would guess you would want a locked environment (weekend offhours in normal office even) and at least a means of recording power outage or printing program successful completion (script/parameters).
    0 pointsBadges:
  • Mortree
    Simply encrypting existing data is not a good solution. This just overwrites with one new layer of data. Unfortunately, at least 4-5 "layers" (previous copies) of data can be read just by manipulating the existing drive interface electronics. So unencrypted data could still theoretically be read.
    0 pointsBadges:
  • Mortree
    Destruction is easy. Just raise the temperature of the disk surface above the Curie point for a couple minutes. In practice if you are heating a dumpster full of drives at once, to ensure the surface of all drive platters reach that point, you would want to sustain >700C for an hour or more so the heat soaks through. Loading the drives into the dumpster with a scrap metal electromagnet is likely sufficient in itself -- but I am not quite sure.
    0 pointsBadges:
  • Mortree
    Gutman's paper is generally considered the ultimate erasure analysis. Still used by the NSA. But be sure to read the epilogue. Points out that generally speaking the full 35 passes are massive overkill...yet fewer passes can be ineffective if they are the wrong type of passes for that drive.
    0 pointsBadges:
  • Ken Harthun
    NIST 800-88 
    Secure Erase and Enhaced Secure Erase are your best bet. Depending on the drive size, Secure Erase can take 30-60 minutes, while Enhanced Secure Erase, if available on the particular drive (only recently released on some Seagate drives), takes just seconds.
     CMRR's Secure Erase
    (free) will execute it, if available. CMRR has a
    on disk sanitization and their
     Secure Erase page
    has a link to download the program. This will only work with ATA drives; for SAS, you'll have to perform multiple overwrites using a program such as
    Darik's Boot and Nuke
    . I've discussed this in my
    Security Corner
    blog recently, so you might read my posts there.
    2,300 pointsBadges:
  • MrClean07
    There are many methods used to destroy data and/or hard drives. Many have limitations. I cannot detail all in this communication but would be willing and able to send some papers I have written about this. One of the methods not mentioned is when there is an emergency situation where time is of the essence and destruction of hard drives is an absolute must lest sensitive information falls into the wrong hands. Remember, hard drive destroyers need electricity in order to function. What id electricity is cut off? I will document a Manual Hard Drive Destroyer being used by NSA that will do the job. Don Blackburn,
    95 pointsBadges:
  • Kevin Beaver
    I don't envy you with this task at hand! Sounds like a good job for college interns. For what it's worth, check out KillDisk at as well.
    27,550 pointsBadges:
  • TomLiotta
    ...most drives encountered nowadays (> 20 gigs) contains an on board function (HDD erase/ secure erase)...   As already clearly noted in the thread above, Secure Erase pretty much obsoletes all related 3rd-party software, free, open-source or commercial.   Tom
    125,585 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: