[Overview] When Are Encryption and Cryptographic Erasure Not Enough?

Should organizations rely solely on encryption and cryptographic erasure as a means of protecting data? In this document, we’ll discover why the answer to that question is a resounding no. The ideal way to approach data protection, and specifically data sanitization, is to implement a multi-tiered, layered approach that goes beyond encryption alone.

Ask Yourself: “Can we rely 100% on data encryption to protect our data, brand and reputation?” Download Best Practice

What is Encryption?

Encryption is the process of converting information or data into a code to prevent unauthorized access. Encryption is completed by using an algorithm to encode the data so that it can only be deciphered with an encryption key.

What is Crypto-Erase?

What is Cryptographic Erasure (CE)?
This wiping method uses the native command to call a cryptographic erasure, which erases the encryption key. While the encrypted data remains on the storage device itself, it is effectively impossible to decrypt, rendering the data unrecoverable.

Proper implementation of Cryptographic Erasure follows a 3-step process:

  1. Find and overwrite crypto keys and password
  2. Verify full encryption of media
  3. Create tamper-proof report

Pros, Cons & Risks

Pros

Cons

Risks

Download Best Practice.