Field of the Invention
This invention relates to systems and methods for securely removing data from storage systems.
Background of the Invention
Data erasure (also referred to as data clearing or data wiping) refers to techniques for destroying data on digital media such as hard disk drives, solid state drives, tape, or the like, in a way that renders the data permanently unrecoverable. Such techniques are typically much more comprehensive than conventional file deletion techniques, which often only remove direct pointers or references to data as opposed to destroying the data itself. In many cases, data that has been “deleted” using conventional file deletion techniques may be recovered using various software tools. Unlike degaussing and physical destruction which render digital storage media completely unusable, data erasure techniques typically destroy data in a way that allows the underlying storage media to be repurposed and reused, thereby preserving physical storage assets.
Although various different data erasure algorithms may be used, the data erasure technique developed and promulgated by the U.S. Department of Defense (DoD) is recognized as the industry-wide standard for secure data removal from storage subsystems. The DoD technique is very specific in regard to how data erasure is performed. The DoD data erasure technique uses a sequential process that requires up to eight passes per physical disk drive using random data patterns to overwrite existing data. During each pass, the random pattern is changed and the updated pattern is written over the entire physical disk surface. Unfortunately, the DoD data erasure technique is very slow and substantially impairs I/O performance of storage resources while in process. In many cases, storage resources are taken offline during the DoD erasure process, making them completely inaccessible. In environments containing many storage resources or large amounts of storage, successfully executing the DoD data erasure technique can have a severe impact on operations for days or even weeks.
In view of the foregoing, what are needed are systems and methods to more efficiently execute data erasure processes than those used today, such as the DoD data erasure technique described above. Ideally, such systems and methods will reduce the amount of time required to execute such processes. Further needed are systems and methods to more specifically target data for erasure while processing I/O transactions involving data that is not being erased.