Data Destruction

Alongside other aspects, such as encryption and data protection, data destruction plays a vital role in data security. While data protection ensures the security of saved data, proper data destruction protects your data from third parties, particularly in cases where devices or drives are passed on or returned in warranty cases.

There are three regulated ways of destroying the data on an electronic storage medium:

  • Physical Destruction: The drive is physically destroyed. This can include different ways of destroying the drive, but certified destruction will include shredding the storage medium.
  • Secure Deletion: This process avoids destroying the device by applying certified methods of deletion that leave no way of restoring the data.
  • Degaussing (magnetic storage media only): Data on magnetic storage media can be permanently destroyed by applying a strong magnetic field. This, however, has the same disadvantage as physical destruction: it leaves the drive in question unusable.

Certified Data Destruction Methods Using Software

There is a diverse array of options - freeware as well as commercial software - for the mass deletion of data. All serious solutions, however, follow the same principle: the storage medium is overwritten with other data. Depending on the algorithm used, each bit on the drive is set either to 0 or 1. Some algorithms also use random data instead.

Deleting Data on SSDs / SSHDs

SSDs / SSHDs should be erased using the "secure erase" method. This relates directly to the way in which the data is saved on the drive. Secure erase is an ATA command and guarantees the secure deletion of all data in accordance with the ATA specifications. In SSDs, the SSD controller is responsible for running the secure erase function. On older SSDs, this fully deletes all blocks, which has a positive effect on the write speed of the drive. Newer models use a different secure erase method: because all data on newer drives is automatically encrypted, this method simply deletes the key. The data is technically still present, but can no longer be decrypted.

Deleting Data on Magnetic Storage Devices, e.g. Hard Disks (Example Algorithms)

Simple Overwrite
The data is overwritten once with either zeroes or random data.

Triple Overwrite following the US DoD 5220.22-M (E) procedure
  1. Pass: Overwrite with a fixed value.
  2. Pass: Overwrite with its complement.
  3. Pass: Overwrite with random data.

6-Pass approach following BSI IT Baseline Protection Manual
  1. Pass: Overwrite with a random pattern.
  2. Pass: Overwrite with its complement.

Repeat this process three times with a different random pattern each time.

7-Pass approach following DoD 5220.22-M ECE
  1. Pass: Overwrite using three passes of the DoD 5220.22-M (E) standard.
  2. Pass: Overwrite once with random values.
  3. Pass: Finally, run another pass of DoD 5220.22-M (E).

35-Pass approach following the Gutmann Method
The data is overwritten in 35 defined passes, which are executed in a random order.
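
The pass sequences of the simple, DoD 5220.22-M (E), BSI and DoD 5220.22-M ECE schemes listed above, as an added Python example that is not part of the original page and not taken from any of the tools it refers to. The method labels, the 4096-byte block size and the fixed value 0x55 are assumptions made for illustration, and the target is an image file standing in for a magnetic drive.

```python
import os
import tempfile

BLOCK = 4096
RANDOM = None  # marks a pass that is filled with fresh random data

def complement(pattern: bytes) -> bytes:
    """Bitwise complement of a pattern (every bit flipped)."""
    return bytes(b ^ 0xFF for b in pattern)

def passes(method: str) -> list:
    """Return the pass sequence for one of the schemes listed above."""
    if method == "simple":               # one pass of zeroes
        return [bytes(BLOCK)]
    if method == "dod-e":                # fixed value, its complement, random
        fixed = b"\x55" * BLOCK          # assumed fixed value; the page names none
        return [fixed, complement(fixed), RANDOM]
    if method == "bsi":                  # (random pattern, complement) x 3
        seq = []
        for _ in range(3):
            pattern = os.urandom(BLOCK)  # a different random pattern per round
            seq += [pattern, complement(pattern)]
        return seq
    if method == "dod-ece":              # DoD (E), one random pass, DoD (E)
        return passes("dod-e") + [RANDOM] + passes("dod-e")
    raise ValueError(f"unknown method: {method}")

def overwrite(path: str, method: str) -> int:
    """Overwrite every byte of `path` once per pass; return the pass count."""
    size = os.path.getsize(path)
    sequence = passes(method)
    with open(path, "r+b") as target:
        for pattern in sequence:
            target.seek(0)
            remaining = size
            while remaining > 0:
                chunk = min(BLOCK, remaining)  # last block may be shorter
                data = os.urandom(chunk) if pattern is RANDOM else pattern[:chunk]
                target.write(data)
                remaining -= chunk
            target.flush()
            os.fsync(target.fileno())    # push this pass to the medium before the next
    return len(sequence)

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile(delete=False) as img:  # constructed sample image
        img.write(b"customer record " * 1000)
    print(overwrite(img.name, "dod-e"), "passes written")
    os.remove(img.name)
```

Run against a file inside a journaling or copy-on-write filesystem, an overwrite can leave older copies of the blocks behind, which is why such schemes are applied to the whole drive.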

Data Destruction Software

Please note that the following software is freeware for private use.

Bootable Software

Installable Software

SSD-Manufacturer-Toolkits, some of which feature Secure Erase