Many CIOs assume that sanitization requires physical destruction. That’s not necessarily the case; since physical media destruction can increase the budget for the project, it shouldn’t be the default method.
Nevertheless, one 2009 research report from Enterprise Strategy Group found that 53% of large enterprises used brute-force methods (in other words, physical destruction techniques) to sanitize storage data. In many cases, these physical methods aren’t designed for magnetic tape media, and as a result, they’re largely ineffective from a security standpoint.
Common sanitization techniques for data tapes include:
● Degaussing - For many tape formats, degaussing is effective, but the process must be handled (and verified) by experienced professionals. Improper degaussing techniques can leave usable data in place. Our blog “Why Degaussing Tape Backup Cartridges Isn’t Secure Sanitization" provides additional details.
● Cryptographic Erase - This logical process erases cryptographic keys, rendering the device inaccessible. While this is an acceptable means of partial sanitization, it can make verification (and documentation) much more difficult.
● Shredding - Tape is thin and flexible, and hardware shredders cannot reliably shred tape to eliminate usable data. While shredding is a common method of sanitization, it creates security hazards.
● Incineration - Incineration is secure, but has a serious environmental impact. As a result, some incineration service providers enforce daily limits for data cartridges, which can increase the scope of the project.
Degaussing is a superior option for sanitization, but the process must be performed in a controlled setting by experienced tape specialists. Commercial degaussers can leave small fragments of data intact — while the data will be difficult to restore, partial data recovery is not impossible, and malicious actors can cause a lot of damage with a limited amount of information.