Confidently erase data in active environments and from used IT assets.
Boost services throughout the device lifecycle—from first sale to end-of-life.
Expedite processes, recover more marketable product, and increase services.
Home » Resources » What Makes Blancco’s Certificates Tamper-Proof?
Blancco issues customers tamper-proof erasure certificates that document proper data sanitization, providing regulators and auditors with an immutable record of compliance stored in a cloud-based, searchable central repository for easy access.
Let’s see how tamper-proof certificates of erasure simplify audits and bring you peace of mind.
David is a technology-focused writer with more than 20 years of professional experience. A former reporter, David has written on a wide range of topics. As senior content writer at Blancco, he supports the company’s thought leadership, content marketing, and social media efforts.
It is no longer acceptable to just destroy data. Businesses need to provide data privacy and protection regulators an official record to prove they followed industry requirements. Blancco data erasure solutions produce a tamper-proof certificate for each erasure, but what exactly does “tamper-proof” mean?
For every Blancco data erasure, we create an erasure certificate that is digitally signed and features a unique identifier that cannot be modified or adjusted. This ensures that your erasure certificate is valid, and that you can be sure that data has been completely and forever removed from the drive or device.
You can also provide immutable evidence to show regulatory and industry compliance: The digital signature is a hash of the report content and is unique to each report (hashes provide a one-way encryption method that adds another layer of security). This digital signature changes completely if any change is made to the report and ensures integrity and authenticity.
Signatures are created with a private key unique to the Blancco product you are using and a companion public key stored in the Blancco Management Console. These keys work together and are used to verify authenticity.
Blancco’s technology also enables you to create your own digital signature through a pair of keys. These keys can be generated using the RSA algorithm.
This custom digital signature is supported in Blancco Drive Eraser v6.12.0 and higher. Blancco Drive Eraser Configuration Tool v2.12.0 or higher is required to upload the private key. It can also be used to generate unique keys if need be.
While digital signatures help render erasure certificates tamper proof, the certificates themselve report on and validate the erasure process. These reports provide details on what asset was erased, the erasure method used, what type of data was erased, and the level of erasure, along with a chain of custody of hardware. All of this information is critical to auditors who need to map erasure activity against industry and regulatory data destruction requirements.
The Blancco Management Console acts as the repository for erasure certificates and ensures an unbroken chain of custody. If even a single comma has changed on the certificate, the Blancco Management Console will detect it during report verification. As a user, you can still view the report, but you will get a notification about the change.
Security and privacy requirements for organizations, including federal legislation (e.g., HIPAA), state legislation (e.g., California Privacy Rights Act), international regulation (e.g., GDPR), and industry frameworks (e.g., PCI, COBIT) require that no-longer-needed data be sanitized so that it isn’t subject to unauthorized access. If data isn’t sanitized correctly and in a timely manner, there can be significant consequences, including hefty fines, costly data breaches, damage to brand reputation, and a loss of customers.
In addition, the very definition of proper data sanitization typically requires a certificate. The most referenced media sanitization guidance document, NIST SP 800-88, v1, for instance, requires a certificate of destruction to achieve sanitization, so a tamper-proof report is a critical element of that process.
Blancco’s reporting system provides auditors with a certified recorded history of data erasure. And, the Blancco Management Console provides permissions-based, centralized access to auditors, allowing them to easily confirm compliance.
For companies like yours, having tamper-proof erasure certificates provides an extra layer of security. You know with confidence that your data is completely unrecoverable, and that the reports you provide to auditors are fully accurate, ensuring seamless compliance and greater peace of mind.
Securely erase sensitive files and folders and free disk space from PC desktop computers, laptops, and servers—either manually or automatically.
Learn how with our short video.