Home » Free Zone » Hard Drive Sanitization According to Dept. of Defense standards

Hard Drive Sanitization According to Dept. of Defense standards

US Department of Defense in the clearing and sanitizing standard DoD 5220.22-M recommends the approach “Overwrite all addressable locations with a character, its complement, then a random character and verify” (see table with comments) for clearing and sanitizing information on a writable media.

If you use FDISK, FORMAT utilities, or the standard operating system DELETE command for data removal, there is always a chance to recover the deleted files (using undelete or unformat tools) which can be used against the owner’s will.

Unless your company plans to do data destruction by hard drive shredding, here are some free software that conform to this security standard, i.e. triple data overwriting for the destruction of remains of sensitive data.

Active@ KillDisk

Powerful and compact software that allows you to destroy all data on hard disks, SSD & USB disks completely, excluding any possibility of future recovery of deleted files and folders. It’s a hard disk drive sanitizing tool and partition eraser utility, DoD 5220.22 M compliant.

Active@ KillDisk
Active@ KillDisk

OnClick Utilities

DeleteOnClick completely deletes files in one click and the data becomes unrecoverable, and also has the option to wipe free disk space. For this reason you must use the program carefully. Once a file is ‘Securely Deleted’ no one can undelete it.

  • Wipes all file dates before wiping file.
  • Wipes file attributes before wiping file.
  • Renames files before they are deleted so that anyone trying to undelete cannot even see what the file was called.
  • Quickly Wipe Free Disk Space: This will wipe all free space on the disk more quickly but is less secure than the Securely Wipe Free Disk Space option below.
  • Securely Wipe Free Disk Space: This will securely wipe all free space on the disk.
  • Can securely empty recycle bin.
Active@ KillDisk
OnClick Utilities

US Department of Defense 5220.22-M Clearing and Sanitization Matrix

Magnetic Tape1
Type Ia or ba, b, or m
Type IIa or bb or m
Type IIIa or bm
Magnetic Disk
Bernoullisa, b, or cm
USBs(floppys)a or bb or m
Non-Removable Rigid Diskca, b, d , or m
Removable Rigid Diska, b, or ca, b, d , or m
Optical Disk
Read Many, Write Manycm
Read Onlym,n
Write Once, Read Many (Worm)m, n
Dynamic Random Access memory (DRAM)c or gc, g, or m
Electronically Alterable PROM (EAPROM)ij or m
Electronically Erasable PROM (EEPROM)ih or m
Erasable Programmable (ROM (EPROM)kl, then c, or m
Flash EPROM (FEPROM)ic then i, or m
Programmable ROM (PROM)cm
Magnetic Bubble Memoryca, b, c, or m
Magnetic Core Memoryca, b, e, or m
Magnetic Plated Wirecc and f, or m
Magnetic Resistive Memorycm
Nonvolatile RAM (NOVRAM)c or gc, g, or m
Read Only Memory ROMm
Static Random Access Memory (SRAM)c or gc and f, g, or m
Cathode Ray Tube (CRT)gq
Impactgp then g
Lasergo then g

a. Degauss with a Type I degausser

b. Degauss with a Type II degausser.

c. Overwrite all addressable locations with a single character.

d. Overwrite all addressable locations with a character, its complement, then a random character and verify.

e. Overwrite all addressable locations with a character, its complement, then a random character.

f. Each overwrite must reside in memory for a period longer than the classified data resided.

g. Remove all power to include battery power.

h. Overwrite all locations with a random pattern, all locations with binary zeros, all locations with binary ones.

i. Perform a full chip erase as per manufacturer’s data sheets.

j. Perform i above, then c above, a total of three times.

k. Perform an ultraviolet erase according to manufacturer’s recommendation.

l. Perform k above, but increase time by a factor of three.

m. Destroy – Disintegrate, incinerate, pulverize, shred, or melt.

n. Destruction required only if classified information is contained.

o. Run five pages of unclassified text (font test acceptable).

p. Ribbons must be destroyed. Platens must be cleaned.

q. Inspect and/or test screen surface for evidence of burned-in information. If present, the cathode ray tube must be destroyed.

Originally posted 2017-09-27 18:08:32. Republished by Blog Post Promoter

Check Also

The Digital Wave – How It Impacts Data Management

Read on the impact of digitization on data management and what’s in it for businesses and industries.

Information Technology Blog

Accessibility Tools