What is Secure Erase?

Secure Erase is a firmware erasure method built into some drives. When available, a command is sent to the firmware of the drive, and the firmware quickly overwrites every sector with a 1 or 0. Since it is an internal process, it is a very quick process. WipeDrive has the ability to determine if the drive can do Secure Erase, and will attempt to use that command to wipe the drive more efficiently. If a wipe pattern contains a pass of all zeros, WipeDrive will opt to use Secure Erase instead on this pass. We now indicate on our logs whether a Secure Erase pass has been completed in order to comply with NIST standards if a NIST pattern is chosen.

If Secure Erase is not supported or is disabled, WipeDrive then does the erasure process manually by writing to every sector on the device. Depending on the wipe pattern chosen, WipeDrive will overwrite each sector of the drive with the appropriate data specified by the selected wipe pattern (0's, 1's or Random).

Here is a web site that gives a brief overview of Secure Erase: https://www.lifewire.com/what-is-secure-erase-2626004

What are the Benefits of Using Secure Erase?

There are many benefits to Secure Erase that make its use recommended. A major benefit is that its use provides  better erasing of remapped sectors.  Using Secure Erase will always be at least as fast, if not substantially faster than overwriting the data directly, this is especially true with SSD's where they can parallelize writes or alternatively reset encryption keys.  On machines with lots of drives attached, you’ll also see a big speed boost because bus speeds are taken out of the equation. Using Secure Erase will also erase the over provisioning areas of a drive (the extra ~10% of the drive that is used for wear leveling on SSD's).

  • 144
  • 17-Mar-2020
  • 1475 Views