Updated: Nov 23, 2018

Permanently Erasing Data From EMC Storage Arrays

Securely Sanitize Sensitive Data & Maintain Corporate Compliance

Data storage is a focus and vulnerability for all businesses. Data at rest may contain personal, organizational or government information that will cause legal and regulation penalties if exposed through a data breach. Customers expect all data to be protected through its lifecycle – and the evidence to verify it. This protection must be established and met even through the following circumstances:

  • Data Center transformations, like data migrations and consolidations
  • Refurbishing equipment for resale or end-of-life destruction
  • End of lease equipment return
  • Reallocation and repurposing of IT assets in shared and non-shared environments
  • Maintenance servicing of drives and storage devices

DellEMC storage devices have been a proven solution for data centers and are used in a large variety of environments. The EMC storage arrays implement proprietary operating systems and controller cards to protect the IT asset and ensure operational efficiently. These protections extend to all EMC devices, including the following:

  • Atmos
  • Avamar
  • Centera
  • CLARiiON
  • Data Domain
  • Greenplum
  • Isilon
  • Symmetrix DMX & VMAX
  • DellEMC Unity
  • VNX
  • VxRack
  • VxRail
  • XtremIO
  • Elastics Cloud Storage Appliance

The data at rest on the EMC Storage devices must be removed prior to their return from lease or as part of the end-of-life process. In order to provide a certified erasure of these devices, organizations must run a command line erasure on the system, use a 3rd party software tool or use a DellEMC authorized service provider. Each of these options of their own unique set of advantages and disadvantages. Which method is correct for your organization is up to you.

WipeDrive Key Benefits:

  • Documented compliance to internal, regulatory and customer data security requirements with tamper-proof audit reports
  • Certified erasure tool providing confidence in trading in or redeploying storage assets that all data has been securely wiped
  • Exceed internal data security protocols and policies for data management throughout your organization

DellEMC Authorized Service Provider

The DellEMC ASP will provide data erasure services for the full array or single drives. The erasure service is provided onsite with an ASP technician(s). This service offering can be costly and requires scheduling the availability of the ASP. The ASP provides a certified wipe of the array that is independently audited to conform to NIST 800-88 Guidelines for Media Sanitization – the industry standard for most US government regulations. Many EMC storage array owners (corporate and ITAD/AMS) are continuously investigating other reliable data erasure methods to save on cost.

Command Line

Storage arrays, like EMC devices, can be accessed and erased from the command line. This process implements erase commands sent to the EMC storage devices. Though this is the least expensive method of data erasure, it can be arduous and difficult to find the correct commands for each EMC device. The erasure will not provide an audit report, and, in most circumstances, the command line technique will not be verifiable without a forensic audit of each drive. This method is popular for reallocating IT assets within an organization that did not contain data regulated by government guidelines. The data may be vulnerable after a command line wipe.

3rd Party Erasure Products

3rd party data sanitization software is a low-cost option to erase EMC storage arrays. Software tools, like WipeDrive Enterprise, securely sanitizes user data on EMC storage assets. WipeDrive Enterprise can boot or direct attach to a DellEMC Storage device to erase it. If bootable, each EMC platform and product can be wiped to meet NIST 800-88 Guidelines for Media Sanitization. The software uses the internal controller cards to implement ATA commands on SSDs, NVME and platter-based drives to achieve full system erasure. The sanitization process overwrites physical storage devices with certified overwrite patterns and verifies the erasure of previous data is unrecoverable and unobtainable.

WipeDrive provides a tamper-proof audit report of the erasure for each individual drive, date/time of erasure, overwrite pattern implemented and captures 50 additional data points for the drive. The WipeDrive software has been certified by 3rd party certification bodies; Common Criteria, NATO, NCSC and HIPAA Compliancy Group. Ongoing data forensic testing is completed by NAID-certified clients quarterly, thus ensuring the efficacy of the WipeDrive erasure process.

It is important to note that the proprietary nature of the DellEMC storage devices causes issues with properly booting a 3rd party erasure OS on the device and having the ability to erase the full array. We recommend testing the erasure process on a device before going onsite (as an ITAD). Individual drives from the DellEMC storage arrays can be securely erased in the WhiteCanyon FlexStation or through a standalone deployment. It is not guaranteed that proprietary OS data on the drives will be left behind so it is recommended to have a process to reformat or use as a maintenance process on discarded drives.

Selecting the correct process for your organization must account for cost, time and efficacy of the erasure method instituted. For more on how WipeDrive can save you time and cost on wiping EMC Storage devices, contact the Sales Team at 801.224.8900.