Delete and destroy data, but correctly and in compliance with the BSI

Hard drive deleted and shredded
A used PC or a used notebook in the second life cycle can not only generate additional income, but also conserve valuable resources and thus the environment. So, sell your laptop, erase your data and you're done ?! Unfortunately, it's not that simple.

What should I watch out for if sensitive company data is stored on this device? Deleting all files and resetting the laptop to the factory settings is unfortunately not enough. Especially if this PC or notebook is a company device, because BSI-compliant data deletion applies here.

There are a number of software tools for deleting data. It should be noted here that not all tools are certified by the Federal Office for Information Security (also called BSI). Because the right deletion standard is crucial when deleting data.

A triple deletion without further specification can usually be found in the guidelines of the companies. However, it does not depend on the number of overwriting rounds, but on the selected standard. The two most widely used practices are the U.S. Department of Defense (DoD) and the National Institute for Standards and Technology (NIST).

The DoD standard is 25 years old and works exclusively according to the overwriting process. As many zeros or random values ​​are assigned to storage on the data carrier as it has capacity. It is assumed that all storage areas on the data carrier will be overwritten. Defective or mapped sectors are just as neglected as the reserve areas retained by the firmware.

The NIST standard uses modern firmware-based deletion methods. The data erasing software sends a command to the disk. This special command tells the disk to "erase all of its data". Intelligent algorithms stored in the data carrier's firmware then take over this process. Mapped sectors are also taken into account, as well as reserved areas. The process works with both modern flash drives (SSDs) and magnetic drives (HDDs). If a disk's firmware does not have a data wipe command stored in it, the data wipe software will overwrite the disk in the fallback mechanism. Even if there is usually only one round of overrides, the process is much safer and faster than the DoD standard.

What does “BSI-compliant data erasure” actually mean?
The Federal Office for Information Security (BSI for short) provides a catalog of questions in its IT-Grundschutz Catalogs that companies can use to carry out a requirements analysis. It is important to consider, for example, whether the SSDs, hard drives or magnetic tapes should continue to be used after they have been deleted. Many companies destroy these data carriers for fear of data breaches, and many of these data carriers could still be used after they have been correctly erased. The BSI's requirements analysis also includes many other points - for example which data carriers and data types are available, what protection requirements the stored data have and whether they can be destroyed in accordance with the law using the appropriate tools. So just resetting a company computer is not a solution.

Many companies do not have the necessary skills to comply with BSI-compliant data deletion, so it is advisable to sell your PC and laptop to a specialist company. This ensures that company data does not fall into the wrong hands. We at bb-net offer you absolute security in handling your used IT and sensitive company data from the first step. As an excellent Silver ITAD partner of Blancco, we have the best methods to delete data on storage devices in a safe and environmentally friendly way.

What is BSI-approved data erasure?
For public institutions and authorities, the BSI-approved data deletion is the only correct method of deleting data. And at this point, as a layperson, you will recognize a professional provider: because only a few know the difference and weigh the client in supposed security.
In contrast to BSI-compliant data deletion, the permitted deletion is only fulfilled with Blancco version 6.5.X in conjunction with the BSI-VS-2011 deletion algorithm. The approval enables the secure erasure of magnetic data media (exclusively HDDs) on which data is stored that corresponds to the VS level of confidentiality.

Another challenge: defective data carriers
The destruction of data media is necessary if it cannot be deleted due to defects. But how do you recognize defective data carriers? It is not always easy to see whether a data carrier is defective or just certain sectors of a data carrier. It is important to check carefully whether there are any defects.

With us you can be sure: We check your data carriers for heart and functions. In the event of a defect, there is only one way for us: namely the way into our shredder! A restoration of the data from shredded material is excluded, provided that the appropriate security level has been used. This is defined by DIN 66399-2 and differentiates between seven levels and the goods to be destroyed.

You ask, we have the answers.

Securely delete data - what do I have to consider when selling hard drives and computers?
In order to be able to sell a notebook and delete data, there are a few things to consider, especially with company devices. Special software is required and also appropriate specialist knowledge. We therefore advise you to sell your used hardware to specialist companies like us.

Which program is suitable for securely erasing data?
To sell your PC and erase data, you need more than just a program. It depends on which programs and data have been saved on the device. A general answer is therefore not possible at this point.

Is it enough to set the factory settings to securely delete all data?
Resetting the company computer and done is definitely not enough. Even in the private sector, we would advise against only setting the computer to the factory settings.

Why does not factory reset erase all data?
In many cases a factory reset does not overwrite every sector. That is, the files can be recovered very easily. You don't have to be a professional for this, because it is enough to use the right software for the recovery.