Why Degaussing Tape Backup Cartridges Isn’t Secure Sanitization
Total Data Migration
Degaussing is a popular data sanitization method for magnetic storage media. Named for German mathematician (and magnetic pioneer) Carl Friedrich Gauss, the process removes magnetic patterns, leaving data unrecoverable while preserving the physical media — except, of course, when something goes wrong.
Unfortunately, degaussing errors are common. This is particularly true for magnetic storage tape, as many operators are unaware of the unique problems that the process can create. Commercial degaussing equipment can leave data intact, particularly when used to sanitize modern formats like LTO-8. In this article, we’ll discuss some of the potential issues and how to ensure your tapes are securely sanitized.
Degaussing leaves data on the tape when handled incorrectly.
Most degaussers have simple functionality, but they’re easy to use improperly. The tape is laid on the degausser, which is then turned on. The tape must be rotated 90 degrees several times to ensure that the degaussing affects all data storage areas.
This reorientation is necessary because of the tape’s proximity to the degausser’s surface; when the surface is magnetized, the flexible tape pulls and deforms, but some sections of the tape may remain unaffected. Ideally, several passes will leave the magnetic media without any preference to orientation (to put it simply, the data is permanently erased).
However, modern tapes store large amounts of data per inch, and the operator needs to understand the basics of the storage technology in question in order to orient the tape correctly. The reorientation process that worked well for older tapes can leave a portion of the data intact on newer formats. For some tapes, this can mean gigabytes of data left untouched.
One solution is to use a rotating degausser to automate the process. Unfortunately, this isn’t always appropriate. The degausser needs to be independently verified to be appropriate for the media in question, and operators need to know enough about magnetic storage to recognize (and correct) errors. That’s particularly important when degaussing is used to treat sensitive or confidential data.
Degaussing data leaves a potential cyberattack vector intact.
Realistically, degaussers do a decent job of destroying data on the tape in most circumstances, particularly when the operator has received appropriate training. However, some tapes have components that store data using non-magnetic methods.
For instance, LTO and 359x tapes use a Cartridge Memory (CM) chip, which contains information about the tape’s usage. Per IBM:
For example, the LTO-CM stores the end-of-data location which, when the next time this cartridge is inserted and the Write command is issued, enables the drive to quickly locate the recording area and begin recording. The LTO-CM also aids in determining the reliability of the cartridge by storing data about its age, how many times it has been loaded, and how many errors it has accumulated.
The CM chip greatly improves efficiency, but it can also present a problem during media sanitization: For sophisticated attackers, the CM chip is a potential platform for data exfiltration. While the chip does not contain any of the target data, it can store up to 16 megabytes, including information that could be useful in a cyberattack.
To put that another way: Most organizations will not allow personnel to carry 16Mb flash drives, since that would pose a data risk. CM chips have the same capacity, but they’re often overlooked during data sanitization procedures.
Degaussing results in low throughput for large data sanitization projects.
For enterprises, there’s yet another significant concern: Degaussing can be expensive and slow. High-density data storage devices require strong magnetic fields to degauss — and commercial degaussers can overheat quickly during constant operation. To ensure data sanitization, operators need to turn the equipment off occasionally. That means low throughput, which can be frustrating for operations that purchase expensive degaussing equipment to simplify their secure data destruction processes.
Degaussing can be expensive in terms of manpower, electrical consumption, and ecological impact. Most importantly, the process isn’t perfect. At the end of a data sanitization project, businesses may still need to dispose of the target media, which results in additional costs.
At Total Data Migration, we specialize in secure data destruction. We use our extensive experience with magnetic storage technology to provide cost-effective solutions for businesses of all sizes. Our team can fully sanitize all stored data on any magnetic device, maintaining an excellent ROI while providing complete assurance.
Degaussing can be efficient and effective when trained specialists perform the work. We’re ready to help. To discuss data destruction and media sanitization, call us today at 800-876-3376.