What is the CSEC ITSG-06 Method?

Details on the CSEC ITSG-06 Data Wipe Method

Circuit Board and Binary Digits
Corbis/VCG / Getty Images
Was this page helpful?

CSEC ITSG-06 is a software based data sanitization method used in some file shredder and data destruction programs to overwrite existing information on a hard drive or other storage device.

Erasing a hard drive using the CSEC ITSG-06 data sanitization method will prevent all software based file recovery methods from finding information on the drive and is also likely to prevent most hardware based recovery methods from extracting information.

What Does CSEC ITSG-06 Do?

All data sanitization methods are similar, but what sets them apart from each other are the small details. For example, Write Zero is a method that only uses one pass of zeros. Gutmann overwrites the storage device with random characters, possibly up to dozens of times.

However, the CSEC ITSG-06 data sanitization method is a little different in that it uses a combination of zeros and random characters, plus ones. It's usually implemented in the following way:

  • Pass 1: Writes a one or zero
  • Pass 2: Writes the complement of the previously written character (e.g. one if Pass 1 was zero)
  • Pass 3: Writes a random character and verifies the write

CSEC ITSG-06 is actually identical to the NAVSO P-5239-26 data sanitization method. It's also similar to DoD 5220.22-M except that, as you see above, it doesn't verify the first two writes like DoD 5220.22-M does.

Tip: Most programs that use the CSEC ITSG-06 method let you customize the passes.

For example, you might be able to add a fourth pass of more random characters. However, if you change the method away from how it's described above, you'll no longer be using CSEC ITSG-06. For example, if you customize it to add a verification after the first two passes, you've moved away from CSEC ITSG-06 and built DoD 5220.22-M instead.

Programs That Support CSEC ITSG-06

I don't see the CSEC ITSG-06 data sanitization method implemented by name in many data destruction programs but like I said above, it's awfully similar to other methods like NAVSO P-5239-26 and DoD 5220.22-M.

However, one program that does use CSEC ITSG-06 is Active KillDisk, but it's not free to use. Another is WhiteCanyon WipeDrive, but only the Small Business and Enterprise versions.

Most data destruction programs support multiple data sanitization methods in addition to CSEC ITSG-06. If you open one of the programs I just mentioned, you'll have the option to use CSEC ITSG-06 but also several other data wipe methods, which is great if you later decide to use a different method or if you prefer to run multiple data sanitization methods on the same data.

Note: Even though there aren't many programs that advertise their support for CSEC ITSG-06, some data destruction applications let you build your own custom wipe method. This means you can replicate the passes from above to make something that matches or closely resembles the CSEC ITSG-06 method even if it's not apparent that it's supported. CBL Data Shredder is one example of a program that lets you build custom wipe methods.

More About CSEC ITSG-06

The CSEC ITSG-06 sanitization method was originally defined in Section 2.3.2 of IT Security Guidance 06: Clearing and Declassifying Electronic Data Storage Devices, published by Communication Security Establishment Canada (CSEC), available here (PDF).

CSEC ITSG-06 replaced RCMP TSSIT OPS-II as Canada's data sanitization standard.

Note: CSEC also recognizes Secure Erase as an approved method of sanitizing data.