How to REALLY erase a LOT of hard drives

"Deleting" a file does nothing of the sort: the file is still on your hard drive, you just can't see it anymore. Cheap file recovery software will reclaim the data in a flash. Which is why smart folks sanitize their disk drives before selling them.

Overwriting your hard drive with meaningless data is the basic concept behind disk sanitization. But it isn't easy to overwrite ALL the data.

Hidden pockets of data Disk drives contain a number of areas where data can hide from overwriting, including

• Host protected areas
• Drive configuration overlays
• Re-mapped bad blocks

Even if you overwrite all "free space" 7 times you can still leave megabytes of data on a drive.

What's a business to do? The National Institute of Standards and Technology (NIST) rates the SATA and PATA Secure Erase feature equivalent to physical destruction of a drive (see How to REALLY erase a hard drive). Secure Erase is fast and effective, but if you need to erase more than a few drives a week the "reboot from a floppy" technique gets cumbersome.

You need industrial strength sanitization Ensconce Data Technology markets a device that will Secure Erase 3 drives at a time. [Disclosure: I have no financial relationship with Ensconce.] The Digital Shredder handles SATA, PATA drives today and, they promise, SCSI drives Q1CY08. 3.5" and 2.5" drives are supported.

Secure Erase is a feature built into ANSI spec for SATA and PATA drive commands. Since the drive runs the process, it doesn't require any external computing horsepower or bandwidth. The Data Shredder just locks the drive in place, starts the process, and doesn't let the drive go until the Secure Erase is complete.

It records the data about the erasure - day, date, operator etc. - for audit purposes and prints out a label to stick on the drive so you know it's been cleaned. The Shredder has no network connection for security reasons. Budget about $11 grand for your own copy.

Another option Secure Erase is both more secure and much faster - 15 to 30 minutes per drive - than overwriting a high-capacity drive, especially if you use the obsolete DOD 7x overwrite standard. But maybe you don't need your drives to be squeaky clean. If regular overwriting is good enough for you there is an alternative.

The ICS [Disclosure: no financial relationship with them either] WipeMASSter will clean 9 drives, including HPA and DCO areas, at once using the older DOD standard from 1995.

It isn't Secure Erase, but if your business isn't covered by HIPAA, Graham-Leach or SOX you're probably fine.

WipeMASSter handles 3x the drives of the Data Shredder, but it uses a slower overwrite, so Data Shredder looks like it will clean more disks per day. On the other hand, WipeMASSter is 1/4th the price so it probably all evens out.

The Storage Bits take Getting data off hard drives isn't as easy as you might hope. If you have a lot of drives passing through your company, the ability to safely sell used equipment should be financially attractive. With these high-volume disk cleaners you can take advantage of the value of old equipment.

Comments welcome, of course.