Data Sanitization Methods

A List of Software-Based Data Sanitization Methods

A data sanitization method is the specific way in which a data destruction program or file shredder overwrites the data on a hard drive or other storage device.

Data sanitization methods are also often referred to as data erasure methods, data wipe methods, wipe algorithms, and data wipe standards.

Most data destruction programs support multiple data sanitization methods.

Note: Technically, other methods of destroying data that are not based on software overwriting are also referred to as data sanitization methods, but most of the time the term refers to these software-based methods of erasing data.

List of Data Sanitization Methods

Here are several popular data sanitization methods used by data destruction programs and, when applicable, the organization or individual credited with originating the method:

Most data destruction programs also let you customize your own data sanitization method with whatever overwriting pattern and number of passes you want.

Which data sanitization method is best?

Overwriting one or more files, or an entire hard drive, just once with a single character should prevent any software-based file recovery method from recovering data from a hard drive.

This is almost universally agreed upon.

According to some researchers [1], a single overwrite of data is enough to prevent even advanced, hardware-based methods of extracting information from hard drives, meaning that most data sanitization methods are overkill. This is not as widely agreed upon.

Most experts agree that Secure Erase is the best way to overwrite an entire hard drive in a single pass.

The very simple Write Zero method accomplishes essentially the same thing, albeit much more slowly.

Using a wipe method to erase data really just means writing other data over your previous data so that the information gets replaced with something useless. The new data is essentially meaningless and doesn't contain any of your personal information, which is why ones, zeros, and random characters are used.

If a single overwrite is enough, why are there so many data sanitization methods?

As I mentioned above, not everyone agrees on a software-based data sanitization method that will prevent all possible methods of recovering the data.

Because advanced, hardware-based methods of extracting information from hard drives exist, several governmental organizations and researchers have independently devised certain methods of overwriting data that, according to their research, should prevent these advanced recovery methods from working.

What Does it Mean to "Verify the Write"?

If you read more about the individual data sanitization methods, you'll see that most of them run a verification after writing a character over the data, meaning that the program checks the drive to ensure that the contents were actually overwritten.

In other words, a data write verification is like a "did I really just do this the right way?" sort of check.

Some data wipe tools will let you change the number of times they verify that the files are gone. Some may verify just once at the very end of the entire process (after all of the passes have been completed), while others will verify the write after each and every pass.

Checking an entire drive after every pass to ensure that the files are being deleted will certainly take much longer than checking just once at the very end, because the drive has to be read back more often.
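
To make the difference between the two verification schedules concrete, here is an added Python example (not code from any data destruction program) that overwrites a file with a custom list of passes and verifies either after every pass or once at the end, returning how many read-back checks ran. The names wipe_file and demo are hypothetical. It assumes a filesystem and drive that overwrite data in place, and its read-back may be served from the operating system's cache rather than the device itself.

```python
import os
import tempfile

CHUNK = 1 << 20  # work in 1 MiB chunks so large files are not held in memory


def _chunks(size):
    """Yield chunk lengths that together cover `size` bytes."""
    while size > 0:
        yield min(CHUNK, size)
        size -= CHUNK


def wipe_file(path, passes=(0x00,), verify="end"):
    """Overwrite `path` in place once per entry in `passes` (a byte value or "random").
    verify="each" reads back after every pass, "end" only after the last, "none" never.
    Returns how many read-back checks ran; raises OSError if a check finds other bytes.
    """
    size, checks = os.path.getsize(path), 0
    with open(path, "r+b") as f:
        for i, spec in enumerate(passes):
            f.seek(0)
            for n in _chunks(size):
                f.write(os.urandom(n) if spec == "random" else bytes([spec]) * n)
            f.flush()
            os.fsync(f.fileno())  # ask the OS to push this pass to the device
            is_last = i == len(passes) - 1
            # A random pass has no expected value to compare against, so skip it.
            if spec == "random" or not (verify == "each" or (verify == "end" and is_last)):
                continue
            f.seek(0)
            checks += 1
            for n in _chunks(size):
                if f.read(n) != bytes([spec]) * n:
                    raise OSError(f"pass {i + 1}: read-back does not match pattern")
    return checks


def demo():
    """Wipe a constructed temp file with a custom 3-pass scheme, in both verify modes."""
    results = {}
    for mode in ("each", "end"):
        with tempfile.NamedTemporaryFile(delete=False) as tmp:
            tmp.write(b"constructed sample secret\n" * 1000)
        results[mode] = wipe_file(tmp.name, passes=(0xFF, "random", 0x00), verify=mode)
        with open(tmp.name, "rb") as f:
            results[mode + "_clean"] = set(f.read()) == {0}
        os.remove(tmp.name)
    return results
```

With the three-pass scheme in demo, per-pass verification reads the whole file back twice (the random pass is skipped), while end-only verification reads it back once.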

[1] Craig Wright, Dave Kleiman, and Shyaam Sundhar R.S., "Overwriting Hard Drive Data: The Great Wiping Controversy" [PDF].