Computing

Data Sanitization Method

By Tim Fisher, About.com Guide

Definition: A data sanitization method is the specific way in which a data destruction program overwrites the data on a hard drive or other storage device.

Most data destruction programs support multiple data sanitization methods.

Note: Technically, other methods of destroying data not based on software overwriting are also referred to as data sanitization methods.

Here are several popular data sanitization methods used by data destruction programs:

Secure Erase
DoD 5220.22-M (US Department of Defense)
NCSC-TG-025 (US National Security Agency)
AFSSI-5020 (US Air Force)
AR 380-19 (US Army)
NAVSO P-5239-26 (US Navy)
RCMP TSSIT OPS-II (Canada)
CSEC ITSG-06 (Canada)
HMG IS5 (UK)
ISM 6.2.92 (Australia)
NZSIT 402 (New Zealand)
VSITR (Germany)
GOST R 50739-95 (Russia)
Gutmann
Schneier
Pfitzner
Random Data
Write Zero

Most data destruction programs also let you customize your own data sanitization method with whatever overwriting pattern and number of passes you want.

Which data sanitization method is best?

Overwriting an entire hard drive once with a single character will prevent any software based file recovery method from recovering data from a hard drive. This is almost universally agreed upon.

According to some researchers¹, a single overwriting of data is enough to prevent even advanced, hardware based methods of extracting information from hard drives meaning that most data sanitization methods are over-kill. This is not so agreed upon.

Most experts agree that Secure Erase is the best way to overwrite a hard drive in a single pass. The very simple Write Zero method accomplishes essentially the same thing, albeit much slower.

If a single overwrite is enough, why are there so many data sanitization methods?

As I mentioned above, not everyone agrees on a software based data sanitization method that will prevent all possible methods of recovering the data.

Because advanced, hardware based methods of extracting information from hard drives exist, several governmental organizations and researchers have independently devised certain methods of overwriting data that, according to their research, should prevent these advanced recovery methods from working.

[1] Craig Wright, Dave Kleiman, and Shyaam Sundhar R.S. in Overwriting Hard Drive Data: The Great Wiping Controversy available here [PDF].

Also Known As: data erasure method, data wipe method, wipe algorithm, data wipe standard

Alternate Spellings: data sanitisation method

Examples:

"One of the most popular data sanitization methods is the DoD 5220.22-M method. Almost all data destruction software programs utilize this method, among others."

More Related to Data Sanitization Methods

Tim Fisher
PC Support Guide

Sign up for My Newsletter

See More About