Data wiping techniques should be included in these policies to ensure data residing on retired disks cannot be recovered.
![microsoft office web components 2003 for chrome microsoft office web components 2003 for chrome](https://w2.updatestar.com/img/icons/1155305.32.png)
Where data sanitization is concerned, enterprises should have security policies in place to handle replacement of disks-whether HDD or SSD-as part of their datacenter operations and maintenance, he said. "Information today is the crown jewel of all enterprises-the loss of critical business information can affect an organization's competitive advantage reputation, as well as legal or regulatory implications," Ng pointed out in an e-mail. Ronnie Ng, systems engineering manager at Symantec Singapore, noted that organizations need to be mindful of protecting their data throughout its lifecycle of use which includes deletion.
![microsoft office web components 2003 for chrome microsoft office web components 2003 for chrome](https://content.spiceworksstatic.com/service.community%2Fp%2Fproduct_images%2F0000077284%2F51cb19d7%2Fattached_image%2FMicrosoft_Office_2003_Web_Components_Review_thumb.jpg)
The success of these commands should be independently verified, he added. "In truth, data may remain on the drive and require only moderate sophistication to extract."Įnterprises, Wei said, should consult with vendors to make sure the SSDs they are considering support the ATA secure-erase commands before commissioning the drives. "An SSD's owner might apply a hard drive-centric sanitization technique under the misguided belief that it would render the data essentially irrecoverable," they explained. The differences can "potentially lead to a dangerous disconnect" between user expectations and the flash disk's actual behavior, they warned. Pointing out that most commercial sanitization tools do not take into account SSDs, Wei said one tool the researchers tested, which claimed to be able to erase data on SSDs, "used an overwriting technique that left data" on the device.Īccording to a paper authored by the researchers, the way data is stored as well as how it is managed and accessed on SSDs are different from that in HDDs. In addition, while SSDs come with built-in ATA or SCSI sanitization commands, they are not always implemented correctly by manufacturers, he added. Wei is part of a team of researchers, who earlier this year released a study which concluded that none of the current techniques for individual file sanitization for HDDs are effective on SSDs. Such standards, however, are not applicable to SSDs, he said in an e-mail interview with ZDNet Asia. Michael Wei, graduate researcher at the University of California, San Diego (UCSD), noted that most organizations outsource data destruction to service providers which claim to be compliant to standards associated with sanitization of hard disk drives (HDDs). Enterprises that use flash memory storage devices such as solid-state drives (SSDs) need IT policies and checks to ensure data erasure is done in an appropriate manner, say researchers.