Data sanitization refers to the process of permanently and irreversibly destroying data on a storage device in a deliberate manner, typically for compliance and/or corporate security purposes. After data sanitization, a storage device will have no usable residual data, and there is no way to recover any of the data, even with the use of advanced forensic and data recovery tools.
Data sanitization has long played a key role for protecting sensitive corporate data, and it’s become an increasing necessity as compliance regulations have become more prominent and stringent in recent years, especially following the EU’s General Data Protection Regulation (GDPR), which requires companies to erase customer data upon request and provide proof of data sanitization measures.
Data sanitization is a more complete form of data destruction than similar terms like drive reformatting, device factory reset, data wiping, data deletion, data clearing, disk scrubbing, and file shredding. Data sanitization even goes a step beyond data destruction in that it requires verification or proof that no recoverable or usable data remains on the storage media once sanitized.
Three Ways to Perform Data Sanitization
A device can undergo data sanitization in one of three main ways:
Physical destruction: This involves shredding hard drives, mobile devices and other forms of storage media into tiny pieces. Another type of physical destruction for data sanitization involves a degausser, a tool that exposes data to a powerful magnetic field and neutralizes the data on a hard drive and prevents is from being recoverable.
Cryptographic destruction: Storage devices that utilize encryption software to protect the data contained on them can be sanitized by erasing the 128-bit (or higher) encryption key used to decrypt the data. While the data remain on the device, cryptographic destruction is considered an approved method of data sanitization since it renders the data unrecoverable and can be verified.
Data destruction: Data destruction, or data erasure, utilizes software tools to securely overwrite data on a storage device. In order to ensure data sanitization, an approved standard for the company's industry or organization must be used for data erasure, and the process must be documented and verified.
Stay up to date on the latest developments in Internet terminology with a free newsletter from Webopedia. Join to subscribe now.
From A3 to ZZZ we list 1,559 text message and online chat abbreviations to help you translate and understand today's texting lingo. Includes Top... Read More »Huge List of Computer Certifications
Have you heard about a computer certification program but can't figure out if it's right for you? Use this handy list to help you decide. Read More »
Computer architecture provides an introduction to system design basics for most computer science students. Read More »Network Fundamentals Study Guide
Networking fundamentals teaches the building blocks of modern network design. Learn different types of networks, concepts, architecture and... Read More »The Five Generations of Computers
Learn about each of the five generations of computers and major technology developments that have led to the computing devices that we use... Read More »