Data Destruction Standards

Brooks Hoffman

When ITAD vendors state that their data destruction solutions meet the DoD 5220.22-M “standard,” it typically means that their software will write to all addressable hard drive locations with a character, its complement, and a random character.  It must then be followed by verification.  This “three-pass” procedure is designed to prevent data from being recovered by commercially available processes.   But is the DoD 5220.22-M standard the best wiping method for eradicating electronic data?   In a recent blog post, Blancco’s Richard Steinnon examines the applicability of the DoD standard and compares it to other approaches such as NIST 800-88 and physical destruction:

More in The Pulse of ITAD