Seagate ST1100FR0000 Seagate X8 Accelerator User Guide for VMware - Page 28

7.5 USING VGC-SECURE-ERASE FOR PURGING DATA ON THE DRIVE To purge or clear user data, vgc-secure-erase can be used on a given partition. The feature ensures all user data is removed from flash media. The usage model is that if a device needs to be returned to the factory for repair/replacement, or is being leveraged for a new project by the customer, all potentially sensitive data needs to be securely removed prior to leaving the facility or redeployment for another project. The standards call this process 'sanitization'. The sanitization standards are different depending upon what type of media is being used. For example, the standards for magnetic disk media are different than what is required for flash memory. Seagate has a Secure Erase Utility that will perform this function for customers who need to securely erase data from a device. Data Sanitization Standards There are different levels of Sanitization specified in the standards: Clear and Purge. In most cases, the Clear level of Sanitization will suffice for most use cases, but in some cases Purge will be required. Both types of sanitization are supported by the Seagate Secure Erase Utility. The Seagate Secure Erase Utility complies with the Clear and Purge levels of Sanitization in accordance with the following Government standards: • DOD 5220.22-M - Complies with sanitization requirements for Flash EPROM (http://www.dss.mil/documents/pressroom/isl_2007_01_oct_11_2007_final_agreement.pdf) • NIST SP800-88 - Complies with instructions for Flash EPROM (http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_with-errata.pdf) The specifications state the following requirements for the two levels of Sanitization: • Clear (directly quoting from NIST and DOD publication): Perform a full chip purge as per manufacturer's data sheets • Purge (directly quoting from NIST and DOD publication): Overwrite all addressable locations with a single character, followed by performing a full chip erase as per manufacturer's data sheets. Operation The device needs to be in a minimally operative state in order to use the Secure Erase Utility. The Secure Erase Utility will attempt to erase all user data from the device according to which ever method is chosen by the user (Clear or Purge). If it is not successful due to the fact that some blocks that contain user data are no longer accessible due to media failure, error messages will be produced. There are some cases where a block is not usable from the start and is marked bad when the device is shipped from the factory, and therefore never receives any user data. These blocks cannot be 'sanitized' either, but since they are guaranteed never to receive user data the tool can successfully sanitize a device even when these blocks are present. NOTE This is not an esxcli command and needs to be executed at the shell. SEAGATE X8 ACCELERATOR FOR VMWARE ESXI USER GUIDE, REV. A 24