What are safe methods or tools for wiping data off a laptop SSD hard drive? The Security Department has recommended a dedicated solution such as Blancoo, but it is more extensive. The IT department has advised using native Windows 10 features, which are free.  Therefore, I'd like to know your thoughts on the best course of action.

Data Protection & Encryption
1.8k viewscircle icon1 Upvotecircle icon3 Comments
Sort by:
Director of IT in Software2 years ago

We used to use Blancco software but the renewal for it was insanely expensive.

After testing a few solutions we went with YouWipe (youwipe.com). It is far more cost effective (with a simpler pricing model) and in my own testing is quicker than Blancco to deploy, use and wipe drives (HDD and SSD).

Would definitely recommend contacting them and getting a trial.

Head of Cyber Security in Manufacturing2 years ago

Good questions, it really depend in what kind of industry you work and what data you have.

As a first and easy mitigation measure no matter if its a notebook/tablet/smartphone or a Storage in your basement , try to get encryption up and running this will as a first step kill edge cases where procedures of physical destruction/erasing were not followed at 100% (yes you can bruteforce, and we have currently TPM Issues but its way better than having nothing).

For the rest see the referenced NSA pdf by @ben Rothke

Senior Information Security Manager in Software2 years ago

When it comes to SSDs, degaussing is not effective on SSD media.  And software overwrite is not foolproof.

Physical destruction remains the only fail-safe method to date, but in order to be effective, even shredding and crushing require a different approach than for standard hard drives.

And ensure the device you are using for that meets the requirements of NSA/CSS evaluated products list for solid-state disintegrators. Which just happened to be updated.

https://www.nsa.gov/Portals/75/NSAEPLSolidStateDisintegratorsJuly2023.pdf

 

Lightbulb on2

Content you might like

How is your organization mitigating risks from smart wearables or covert recording devices during sensitive conversations? Please share any relevant policies, technical solutions, or experiences managing this challenge.

Any tips or best practices you can share for developing a cryptographic bill of materials (CBOM)? What’s the best way to get started?

As cyber recovery becomes more to the forefront for Disaster Recovery professionals, preparation for ransomware recovery is now starting to mature.  On-premises, and cloud-based solutions, and often with on-premises solutions comes the implementation of Secure Isolated Recovery Environments (SIRE). As your organization matures their cyber recovery solutions, is your or will your organization consider and or implement a on-premise, cloud-based, or hybrid secure isolated recovery environment? 

What is a Secure Isolated Recovery Environment (SIRE)?18%

Focus on an On-Premise SIRE.40%

Focus on a Cloud-based SIRE.43%

Focus on a hybrid SIRE.23%

Know about Secure Isolated Recovery Environments but no current plans to implement.4%

View Results

Should data governance be run by IT, or does it require a collaborative effort?

Data governance should be run by IT.21%

Data governance requires a collaborative effort.70%

It depends (please specify in the comments)8%

Unsure

View Results

We're facing a challenge in R&D: our current DRM solution effectively protects sensitive TSIP (Trade Secret and Intellectual Property) data, but it prevents researchers from searching across encrypted files—hindering their work.

While we’ve considered relying solely on SharePoint permissions and Entra capabilities, the growing risk of insider threats makes this a last resort.

Has anyone solved a similar issue? Are there DRM or encryption solutions that allow secure, searchable access to protected content?