Updated: Jan 18, 2019

1: Why Does WipeDrive Enterprise Offer Corporations The Freedom To Save Audit Reports To Any Location They Prefer?

A: WipeDrive Enterprise focuses on client access to all data. The software does not store log files in a proprietary console but allows users to save their selected type of audit trail (PDF, XML, TXT, CSV, HTML or DB) to any location they prefer. Clients can then provide these reports to internal resources for audits or to clients for proof of erasure.

The implementation of Consoles and Management Systems can be cumbersome. WipeDrive Enterprise has followed our client's recommendations and provide the freedom to save log files to any destination they prefer.

2: Why Are Low Cost Erasure Solutions Inferior To WipeDrive's?

A: The cost of a license should be directly tied to the benefit and value of that software tool. There are erasure tools on the market that offer very low-cost unlimited use licenses. These tools are lacking in certifications and have errors on large quantities of systems they process.

All our clients that have migrated from a low-cost/free tool have seen substantial gains from a less expensive processing system, elimination of false positive erasures and increasing the throughput because of a higher compatibility matrix. We strongly caution against these low-cost tools – a mistake in this area can lead to data breaches and other major legal issues.

3: Why Should A Corporation Choose Data Erasure Over Physical Destruction?

A: Physical destruction has been an alternative to data erasure for most IT assets, but it has many negatives. The largest downside is when a drive is destroyed there is no resale/donation value left. Also, degaussing is a very cheap and affordable method of destruction, but it is not effective on SSD or NVMe (any flash-based storage) drives. Also, when these types of drives are shredded, the flash chips are so small that if they are not ground to a specific particulate size, it is possible for the chip to make it through the shredding process.

Another major issue with physical destruction is the chain of custody. All data-bearing devices must be properly managed until they are destroyed. Typically, this means a locked basement storage locker contains a company's confidential and private data. If a malicious actor was able to gain access to the data-bearing devices or the devices were lost by accident, it could carry serious consequences.

The issues with physical destruction can be mitigated with a data erasure solution. For chain of custody issues, we recommend first wiping the data-bearing device onsite (at the time of decommission) and then process the drive through physical destruction or your resale/donation process. This lessens the chance of a data breach and provides a wipe report for administrator reference.

WipeDrive is government certified to wipe SSD and NVMe drives and all devices can be reused after processing.

With secure erasure, the end-of-life process can provide a reliable method to ensure data security as an alternative to physical destruction.

4: How Can The Private Sector Save Monetarily By Implementing Secure Data Sanitization?

A: The private sector follows approved lifecycle plans for all their IT assets. By moving from physical destruction to data wiping (using the SP 880-88 R1 as a guide) the private sector can resell or donate IT assets that would otherwise be destroyed. This provides a revenue increase from a cost function or allows the organization to donate IT assets to a local school or charity.

The WipeDrive solution provides a certified, proven solution that is easy to implement at all corporate locations and provide a tamper-proof audit report to administrators.

5: How Quickly Should A Wipe Complete?

A: Storage media has a variety of sizes from 250GB to 16TB. A full-featured erasure tool should be able securely overwrite any device at 30-40GB per minute. New flash media and encryption removal technology can make this process even faster. Be wary of low-cost tools, they typically lack the drivers and ATA commands to quickly and efficiently erase any storage device.

6: How Many Times Should The Private Sector Wipe A Device?

A: According to NIST SP 880-88 R1, a single overwrite with ATA commands and a 10% verify will satisfy any requirements for a secure overwrite pattern.

7: Does The Private Sector Need To Verify Erasures?

A: Corporations should consistently be checking drive wipe results to ensure that data erasure tools are functioning correctly on new hardware. There are no regulations that require 3rd party verification of erased drives but it is always a good procedure.

8: How Long Should Audit Reports Be Stored?

A: Audit reports should be stored a minimum of seven (7) years or as otherwise stipulated by internal or government regulations.

9: How Easy Is It To Get WipeDrive Setup?

A: WipeDrive is a boot and run program that could be implemented in minutes. Employees have found it extremely easy to become familiar with WipeDrive. We also offer User Training Classes and Admin I and Admin II Certification for those that need additional training and certification.

10: How Quickly Can Corporations Receive New Custom Builds And Deployments From Wipedrive?

A: The WipeDrive Support Team is trained on providing custom builds and PXE/CD/USB/Remote deployments immediately. Receiving a new build is a simple as an email/chat/call and the build can be delivered in minutes. If there are major customizations, the WipeDrive Support Team will work with the corporation on a delivery date.