Written By Abhishek Jain
Updated on Mar 23, 2022
Min Reading 3 Min
This article explores the process of data center decommissioning and cites the importance of software-based data erasure during this process. It enlists the various ways in which overwriting data can help an organization to ensure data security and prevent data breach during data center decommissioning.
A data center is a facility where organizational computing systems, servers, and associated components, such as network and storage devices are located. Data center decommissioning is the practice of dismantling computing systems and hardware for disposal, recycling, relocation or reuse as the data is transferred to the upgraded servers. Decommissioning a data center is as difficult as installing one and given the sensitive nature of organizational data, the decommissioning process requires thorough planning and careful execution.
While retiring IT Assets in a data center, follow a quick checklist of items as listed below:
Retiring of Data Center is not just about dismantling and removing the IT hardware. It is also about maintaining data security at all levels. Absence of Data protection during removal process of redundant hardware may lead to hackers gain access to data at rest and misuse sensitive information causing data breaches. It is thus imperative to completely sanitize and destruct data during the decommissioning process. Morgan Stanley data breach is a classic example of how ignoring due diligence in data center decommissioning can lead to data breach and subsequent penalties worth millions of dollars. Also, outdated systems and equipment do not come with the latest features and security updates. Thus, IT assets at the end-of-life possessing sensitive data can be breached if proper care is not taken to dispose them. This may ultimately lead to data breach lawsuits and loss of the company’s reputation.
Secure data erasure during data center decommissioning can be helpful in more than one ways.
During decommissioning process, data erasure helps in wiping unwanted data from drives and servers at the company’s own facility either through a vendor or by the company itself. The advantage of on-site data destruction is that data and device exchange very few hands and the process can be witnessed by concerned at company’s facility. When you plan to opt for secure data erasure, ensure your data erasure tool or your service provider complies with prominent standards like NIST 800-88 (National Institute for Standards and Technology) and DoD 5220.22-M (U.S. Department of Defense).
Ensuring data security throughout the data lifecycle is critical and software-based data erasure ensures secure and permanent wiping of all your sensitive data beyond retrieval even in a laboratory setting. You can achieve media sanitization across all your data center IT Assets with data erasure, whether it is your redundant hard drives, solid-state drives, servers, virtual machines or logical storage area networks. Software-based data erasure produces a 100% tamper-proof report for every erasure performed to ensure that wiping was successfully done.
Organizations are obligated by law like EU-GDPR, CCPA, SOX, HIPAA etc. to include data destruction as a part of their IT Asset management policy. Modern data protection laws demand secure data destruction that leaves no traces behind. Use of a certified and professional data erasure tool like BitRaser is recommended as it helps in ensuring compliance with these global data protection legislation by destroying information securely and generating auditable reports. In case third-party vendor is involved in decommissioning, organizations should demand use of certified and reliable data sanitization tool.
Software-based erasure produces certificate of destruction for every instance of wiping. It acts as an audit trail for the complete data erasure process. The Certificate helps an organization prove that it has securely destroyed the data. It also promotes trust towards the third-party vendor performing media sanitization during data center decommissioning on behalf of your organization. When data is securely wiped, it eliminates all possibilities of data getting compromised or breached.
Data erasure forms an integral part of data center decommissioning services as it deals with the most important element of a data center i.e. its sensitive data. The absence of right data destruction policy and any ignorance in ensuring due diligence in the disposal of sensitive information may lead to data leakage and breach. This can not only cost huge penalties and loss of reputation to the organization but also hampers business-critical work and loss of customer trust. It is thus pivotal for every organization to ensure that it either deploys a professional and certified data erasure tool or hires a third-party vendor that uses these certified software and generates certificate for every wiping executed.
BitRaser is NIST Certified
Related Articles
![]() |
NIST Clear |
![]() |
NIST-ATA Purge |
![]() |
US Department of Defense, DoD 5220.22-M (3 passes) |
![]() |
US Department of Defense, DoD 5200.22-M (ECE) (7 passes) |
![]() |
US Department of Defense, DoD 5200.28-STD (7 passes) |
![]() |
Russian Standard – GOST-R-50739-95 (2 passes) |
![]() |
B.Schneier’s algorithm (7 passes) |
![]() |
German Standard VSITR (7 passes) |
![]() |
Peter Gutmann (35 passes) |
![]() |
US Army AR 380-19 (3 passes) |
![]() |
North Atlantic Treaty Organization-NATO Standard (7 passes) |
![]() |
US Air Force AFSSI 5020 (3 passes) |
![]() |
Pfitzner algorithm (33 passes) |
![]() |
Canadian RCMP TSSIT OPS-II (4 passes) |
![]() |
British HMG IS5 (3 passes) |
![]() |
Zeroes |
![]() |
Pseudo-random |
![]() |
Pseudo-random & Zeroes (2 passes) |
![]() |
Random Random Zero (6 passes) |
![]() |
British HMG IS5 Baseline standard |
![]() |
NAVSO P-5239-26 (3 passes) |
![]() |
NCSG-TG-025 (3 passes) |
![]() |
5 Customized Algorithms & more |
Listening...