DBAN vs. Certified Data Erasure: Which is Right for Your Organization?
When it comes to choosing a data sanitization method for your hard disk drives (HDDs) and other IT assets, there are three questions to consider.
- Does it meet the minimum threshold for your risk tolerance?
- Does it achieve data sanitization?
- Does it meet your organization’s needs to meet industry-specific guidelines and data protection regulations?
1. Determine Risk Tolerance
First, you must understand the level of risk your organization is willing to allow based on government and industry regulations or internal policies with which you must comply. You must also understand the types of data residing on your drives and the level of sensitivity associated with that data.
For a personal computer that’s accessed infrequently and only used to store music, the risk associated with remnant data is much lower than a computer that’s used by a HR Director who stores personal employee information.
Data protection guidelines vary across industries, but HIPAA and EU GDPR are two that refer to to the protection of an individual’s information and carry heavy fines (4% of annual global turnover or €20 Million for EU GDPR) if improperly erased. Most guidelines and regulations also require an auditable trail for your IT assets.
|Supported Erasure Standards||6||22+|
No certificate or guarantee
Digitally Signed Report
(XML & PDF)
|Certifications, Approvals and Compliance|
|DoD 5222.2M, NIST 800-88||✖||✔|
|Third-Party Certifications and Approvals||✖||Common Criteria, NATO,|
CESG, 6+ others
Keep in mind that while DBAN is a great data wiping tool for individuals, it does not achieve data sanitization, and is therefore not a good fit for most organizations — particularly those that are heavily regulated. Blancco Data Eraser solutions achieve data sanitization and guarantee compliance.
Download the full solution brief above to understand how to use DBAN or Blancco solutions to best fit your organization’s unique needs.