What are safe methods or tools for wiping data off a laptop SSD hard drive? The Security Department has recommended a dedicated solution such as Blancoo, but it is more extensive. The IT department has advised using native Windows 10 features, which are free.  Therefore, I'd like to know your thoughts on the best course of action.

Data Protection & Encryption
1.8k views1 Upvote3 Comments
Sort By:
Oldest
Senior Information Security Manager in Softwarea year ago
When it comes to SSDs, degaussing is not effective on SSD media.  And software overwrite is not foolproof.

Physical destruction remains the only fail-safe method to date, but in order to be effective, even shredding and crushing require a different approach than for standard hard drives.

And ensure the device you are using for that meets the requirements of NSA/CSS evaluated products list for solid-state disintegrators. Which just happened to be updated.

https://www.nsa.gov/Portals/75/NSAEPLSolidStateDisintegratorsJuly2023.pdf

 
2
Head of Cyber Security in Manufacturinga year ago
Good questions, it really depend in what kind of industry you work and what data you have.

As a first and easy mitigation measure no matter if its a notebook/tablet/smartphone or a Storage in your basement , try to get encryption up and running this will as a first step kill edge cases where procedures of physical destruction/erasing were not followed at 100% (yes you can bruteforce, and we have currently TPM Issues but its way better than having nothing).

For the rest see the referenced NSA pdf by @ben Rothke
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Director of IT in Softwarea year ago
We used to use Blancco software but the renewal for it was insanely expensive.

After testing a few solutions we went with YouWipe (youwipe.com). It is far more cost effective (with a simpler pricing model) and in my own testing is quicker than Blancco to deploy, use and wipe drives (HDD and SSD).

Would definitely recommend contacting them and getting a trial.

Content you might like

Are organizations managing IT security internally, or are they outsourcing to specialized security companies? If they are outsourcing, how do they ensure the security vendor can handle all potential threats and vulnerabilities?

Applications & PlatformsSecurityData Protection & Encryption+8 more
Director of IT in Education2 months ago
We do a combination of both.
931 views1 Comment

What is your organization’s current status for implementing endpoint security to protect O365 on mobile devices?

End-User Services & CollaborationSecurity & GRCDevice Management+14 more

Implementation complete23%

Implementation in progress54%

Planned within the next 12 months12%

Not planned7%

Not enabling O365 on mobile2%

View Results
2.4k views2 Upvotes

How do you implement cryptography for top secret information exchange foreseeing a post quantum scenario soon and what types of algorithms do you use? What about network security, are VPN keys are more secure?

Security & GRCNetworkData Protection & Encryption+6 more
CISO in Softwarea year ago
I think we need to be patient and wait for approved NIST algorithms and not rush ahead.
1
Read More Comments
4.2k views1 Upvote5 Comments

Does anyone have experience using Microsoft Purview policy tips? Are policy tips reliable and consistent? For example: sending a test email with a Word attachment containing test data i.e Debit Card information triggers the policy tip. However, sending an email with an Excel attachment with the same test data does not trigger the policy tip. Thanks for any feedback.

Process ManagementData PrivacyData Protection & Encryption
1.1k views

What do you predict will happen to your organization in 2020?

Security & GRCData Protection & Encryption

Phishing scam that results in credential theft18%

Disruption to processes caused by malware29%

Cyberattack that causes significant downtime26%

Data breach involving thousands of records12%

Noncompliance fine1%

Leakage of confidential email4%

Other (please comment)7%

View Results
2k views2 Comments