To ensure data security at the end of an asset's life, data erasure software is an essential tool that completely removes sensitive information from storage devices. To be effective, such software must comply with industry standards, such as those set by the National Institute of Standards and Technology (NIST). This article will explain how Securaze complies with NIST standards.
What is NIST?
The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States Department of Commerce. NIST develops standards, guidelines, and best practices to promote innovation and competitiveness in science, technology, and industry. NIST also provides guidance on cybersecurity, including data erasure.
What is NIST Special Publication 800-88?
NIST Special Publication 800-88 is a guideline that defines data sanitization techniques for media containing sensitive information. This guideline provides recommendations for the secure erasure of data from various types of storage devices, including hard disk drives, solid-state drives, and mobile devices. The guideline also outlines the requirements for software that performs data erasure.
How does Securaze secure erasure software comply with NIST standards?
Securaze is designed to be compliant with the guidelines set forth in NIST Special Publication 800-88. Specifically, our software uses the following techniques to securely erase data:
Overwriting: Securaze uses advanced algorithms to overwrite the data on storage devices with random characters, which ensures that the original data cannot be recovered by any means. This process is known as overwriting.
Verification: To verify that the data has been successfully erased, our software reads the overwritten data and checks for any discrepancies. If discrepancies are found, the software attempts to overwrite the data again.
Reporting: Our software generates a report that details the erasure process, including the type of storage device, the erasure method used, and the verification results. This report provides a comprehensive record/report of the data erasure process for compliance purposes.
Securaze provides both NIST 800-88r1 erasure standard outlined in the Special publication:
Our software utilizes logical techniques to sanitize data in all user-addressable storage locations, providing protection against simple non-invasive data recovery techniques. This is typically achieved through standard Read and Write commands to the storage device, such as rewriting the data with new values or using a menu option to reset the device to its factory state (if supported).
Applies physical or logical techniques that render the Target Data recovery infeasible using state of the art laboratory techniques.
Ensuring data security is crucial, and Securaze's data erasure software is an essential tool to achieve this goal. Compliance with NIST 800-88 is essential for the effectiveness of Securaze. Our data erasure software complies with the guidelines set forth in NIST Special Publication 800-88 by using advanced algorithms to overwrite data, verifying the erasure process, and generating a tamper-proof and auditable erasure report. With Securaze, you can have confidence that your sensitive data is securely erased and compliant with NIST 800-88 guidelines.
Citation: NIST Special Publication 800-88r1, 2.5 Types of Sanitization