Are Multiple Overwrite Patterns Necessary?
Paul Katzoff
Automated network maps, network change tracking & config backup | VP of Sales @ UVnetworks
SUMMARY
The data erasure industry has relied on multiple overwrite passes since the beginning of data wiping. The practice stems from the concern that wiping a platter-based drive may leave trace elements that can be viewed with an electron microscope and used to recreate the data. Hard drive technology has progressed to the point that a track is written directly on top of the previous track. NIST has updated its required overwrite pattern to a single overwrite with a verify. It also requires ATA commands for SSD wiping. WhiteCanyon Software recommends a single overwrite pattern and verify for all drive deletion.
THE ORIGIN OF MULTIPLE PASSES
The idea that multiple wipe passes are required to render data irrecoverable originates in part with a 1996 study published by Peter Gutmann, who suggested that data should be wiped up to 35 times in order to be rendered irrecoverable. He proposed that data could be recovered using magnetic force microscopy (MFM) and scanning tunneling microscopy (STM) techniques. However, hard drives have advanced over the last 10-15 years to the point where the MFM and STM techniques have become obsolete. Specifically, part of Gutmann’s claim was that the head positioning system in hard drives was not precise enough to write new data on top of the exact position of the old data, thus creating the possibility that the old data would remain intact. Today’s hard drive technologies are very precise and have eliminated this possibility.
GOVERNMENT STANDARDS
Various domestic and international government standards such as the DoD 5220.22-M and the NSA 130-1 have required multiple passes when sanitizing data storage. Many organizations have to comply with these standards as a matter of policy, and data erased using these standards is certainly irrecoverable. However, from a data sanitization perspective there is no proven need to wipe using more than one pass. In fact, the National Institute of Standards and Technology (NIST) states in its “Guidelines for Media Sanitization” (SP 800-88) that the “NSA has researched that one overwrite is good enough to sanitize most drives.”
COMPANIES USING A SINGLE PASS WIPE
It is a common best practice to use a single pass for hard drive sanitization. As an example, the following organizations are currently using a single pass:
- Bank of America
- Deloitte
- Merck Pharmaceuticals
- Goldman Sachs
- Department of Homeland Security
RECOMMENDATION
WhiteCanyon Software recommends using a single pass as standard practice for sanitizing hard drives. This significantly reduces the wipe time while still rendering the data irrecoverable. Performing multiple wipes as part of a multi-pass overwrite pattern is unnecessary to make data irrecoverable and may lead to a false understanding that SSDs have been wiped. WhiteCanyon Software recommends multiple passes only if they are required by your organization’s policy or for special use cases where multiple redundancies are desired, and in those cases recommends including ATA commands in the passes. All other media should be erased with the NIST overwrite pattern.
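The single overwrite with a verify described above can be sketched as follows. This is an added example, not WhiteCanyon's or NIST's code; the function names, the zero pattern, the 1 MiB chunk size and the sample image file are assumptions, and it covers only the overwrite case, not the ATA commands the article calls for on SSDs.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # 1 MiB I/O size (assumption; tune for the device)

def overwrite_single_pass(path, pattern=b"\x00"):
    """Write `pattern` over every byte of `path` once and flush it to media."""
    assert len(pattern) == 1, "this sketch uses a one-byte fill pattern"
    with open(path, "r+b") as f:
        size = f.seek(0, os.SEEK_END)
        f.seek(0)
        written = 0
        while written < size:
            n = min(CHUNK, size - written)
            f.write(pattern * n)
            written += n
        f.flush()
        os.fsync(f.fileno())  # push the pass out of OS buffers before verifying
    return size

def verify_pass(path, pattern=b"\x00"):
    """Read the whole target back; return None if clean, else first bad offset."""
    offset = 0
    with open(path, "rb") as f:
        while True:
            chunk = f.read(CHUNK)
            if not chunk:
                return None
            if chunk != pattern * len(chunk):
                bad = next(i for i, b in enumerate(chunk) if b != pattern[0])
                return offset + bad
            offset += len(chunk)

def demo():
    # Constructed sample: a file of random bytes standing in for a drive image.
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(os.urandom(3 * CHUNK + 17))
    try:
        size = overwrite_single_pass(tmp.name)
        clean = verify_pass(tmp.name)
        # Simulate a region the overwrite did not reach, so the verify must fail.
        with open(tmp.name, "r+b") as f:
            f.seek(2 * CHUNK + 5)
            f.write(b"leftover")
        missed = verify_pass(tmp.name)
        return size, clean, missed
    finally:
        os.unlink(tmp.name)

if __name__ == "__main__":
    print(demo())
```

The verify step is what turns the pass into evidence: a wipe report should record the result of the read-back, not just that the write loop finished.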