Data Sanitization

Data sanitization refers to the process of permanently and irreversibly destroying data on a storage device in a deliberate manner, typically for compliance and/or corporate security purposes. After data sanitization, a storage device will have no usable residual data, and there is no way to recover any of the data, even with the use of advanced forensic and data recovery tools.

Data sanitization has long played a key role for protecting sensitive corporate data, and it s become an increasing necessity as compliance regulations have become more prominent and stringent in recent years, especially following the EU s General Data Protection Regulation (GDPR), which requires companies to erase customer data upon request and provide proof of data sanitization measures.

Data sanitization is a more complete form of data destruction than similar terms like drive reformatting, device factory reset, data wiping, data deletion, data clearing, disk scrubbing, and file shredding. Data sanitization even goes a step beyond data destruction in that it requires verification or proof that no recoverable or usable data remains on the storage media once sanitized.

Three Ways to Perform Data Sanitization

A device can undergo data sanitization in one of three main ways:

Physical destruction: This involves shredding hard drives, mobile devices and other forms of storage media into tiny pieces. Another type of physical destruction for data sanitization involves a degausser, a tool that exposes data to a powerful magnetic field and neutralizes the data on a hard drive and prevents is from being recoverable.

Cryptographic destruction: Storage devices that utilize encryption software to protect the data contained on them can be sanitized by erasing the 128-bit (or higher) encryption key used to decrypt the data. While the data remain on the device, cryptographic destruction is considered an approved method of data sanitization since it renders the data unrecoverable and can be verified.

Data destruction: Data destruction, or data erasure, utilizes software tools to securely overwrite data on a storage device. In order to ensure data sanitization, an approved standard for the company’s industry or organization must be used for data erasure, and the process must be documented and verified.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Complete List of Cybersecurity Acronyms

Cybersecurity news and best practices are full of acronyms and abbreviations. Without understanding what each one means, it's difficult to comprehend the significance of...

Human Resources Management System

A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

How To Defend Yourself Against Identity Theft

Almost every worldwide government agency responsible for identity theft issues will tell you the same thing: The first step to fighting identity theft is...

Infographic

An infographic is a visual representation of information or data. It combines the words information and graphic and includes a collection of imagery, charts,...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...