Royal Canadian Mounted Police
Symbol of the Government of Canada
Skip to content | Skip to institutional links

Common menu bar links

Home > Technical Security Branch > Publications > B2-002 IT Media Overwrite and Secure Erase Products 

B2-002 IT Media Overwrite and Secure Erase Products

PDF PDF Version (52 KB)

IT Security Bulletin
Lead Agency Publication   B2-002

Revision: May 2009
Replaces B2-001

In 2005, the RCMP discontinued technical support and distribution of its free hard drive overwrite software, known as “DSX”. This was due to the availability of commercial software which performs similar functions with advanced technical abilities. Current users may continue to use and/or distribute copies of the software within their respective organizations in accordance with the DSX User Agreement but as hard drive capacities increase there is a higher likelihood it will return an error message and will therefore not function. The amount of time for performing the overwrite has also become a factor. Clients are therefore encouraged to migrate to a new disk overwrite tool.

In 2007, the RCMP, CSEC (Communication Security Establishment Canada) and PWGSC (Public Works and Government Services Canada) jointly initiated the IT Cryptographic NMSO (National Master Standing Offer) Program to pre-qualify IT Security products and facilitate their procurement by GoC departments. The NMSO Request For Proposals contained the necessary performance criteria. The RCMP and CSEC provided the evaluation for this program. With the aide and guidance from an Interdepartmental Working Group (RCMP, CSEC and HRSDC), the program was fully implemented in October 2008. Successful products are now listed on the PWGSC website and are subject to Standing Offer renewal. Only those products listed on the current PWGSC National Master Standing Offer in the Hard Drive Overwrite Solution Sub-Program category are approved for new purchase. Products that were previously approved under this program normally remain approved while in use unless specifically identified for removal from service for cause. Note that the products listed in B2-001 before May 2009 were not subjected to performance-based testing that now applies to all products covered by the Hard Drive Overwrite Solution Sub-Program and should therefore be replaced when practical by products listed on the PWGSC National Master Standing Offer for Hard Drive Overwrite Solutions.

CMRR Secure Erase Utility

The Center for Magnetic Recording Research (CMRR) at the University of California, San Diego
has researched, developed and implemented a secure method for hard drive erasure. The “Secure Erase” command is a standard feature embedded in the firmware of all standards compliant ATA hard drives manufactured since 2001 as well as some enterprise-level SCSI drives. This command allows for extremely reliable purge level data erasure to be done without the need for additional software since it is built into the drive resident firmware. The command is not yet ubiquitous, but is slowly being incorporated into new drives as they are produced. To date it has not been included in any Operating Systems so it is currently most “user-friendly” when implemented via a hardware solution. The Blancco PC Edition software (#1) and the hardware devices below (#2 and #5) use this technology but also allow for a typical overwrite if the hard drive is unable to invoke Secure Erase. At present, the command is only available for ATA drives mentioned above. It is also available for SCSI hard drives at the discretion of the manufacturer, but most have not implemented it yet. The Secure Erase feature is not a feature available for USB thumb drives or flash memory modules.

Security Classification

All products covered by the Hard Drive Overwrite Solution Sub-Program NMSOs are approved for erasure of data up to and including Protected "B" when used in accordance with the manufacturer’s instructions.

All products covered by the Hard Drive Overwrite Solution Sub-Program NMSOs are approved for downgrading Hard Drives from Top Secret to Secret as a preliminary stage in physical destruction. See the table for Destruction Standards – magnetic media in the CSE guide ITSG-06: www.cse-cst.gc.ca/documents/publications/itsg-csti/itsg06-eng.pdf

These details are also reproduced in section 3 of the Guide to Destruction Equipment Selection in the RCMP Security Equipment Guide under “Destruction”.

www.rcmp-grc.gc.ca/tsb-genet/seg/html/home_e.htm
(accessible through the Canadian Government GENet.)

Application

A fixed process should be developed and employed by the department so that all drives are consistently cleared in a safe and secure manner.

NMSO List

Access to the NMSO list is via the PWGSC Standing Offer Index Website (accessible through the Canadian Government GENet):

All NMSOs will be posted to the PWGSC Standing Offer Index website, which can be found at: http://soi.pwgsc.gc.ca/app/index.cfm?fuseaction=sim.search&srch=&altlang=-e

On this website the person has to choose the following info:

  • Please choose your department(s) or agency(ies)
    Example: E-Public Works and Government Services Canada
  • Please choose your delivery point(s)
    Example: National Capital Region
  • Please choose your mandatory commodity group(s)
    Communication Detection and Coherent Radiation equipment (N58)

Then hit the “Search” button

A list of categories for the NMSOs comes up and for this particular Program two different listings are mentioned:

Communications Security Equipment and Componentsblackberry ***

This category has the majority of security and Cryptographic NMSOs

NMSO products

At the date of this bulletin, the data erasure products on the NMSO are as follows:

  1. Blancco Data Cleaner + (or now known as Blancco PC Edition)
    Blancco Pro
    Blancco LAN Server
    Blancco Digital Media Shredder
    Vendor: Inside the box Inc.
    www.blancco.com/goc
    NMSO: E60QE-08BIO4/001/QE (software solution)
    rfc@insidethebox.com
  2. Ensconce Data Technology’s “Digital Shredder”
    Vendor: ConvergeNet
    ryk@converge-net.com
    www.deadondemand.com/products/digitalshredder
    NMSO: E60QE-08BIO4/002/QE
    (hardware solution invoking “Secure Erase” and overwrite).
  3. EBAN 2.0 for Mass Drive Wiping
    Vendor: GEEP Ecosys
    www.geepgoc.com
    NMSO: E60QE-08BIO4/003/QE (software solution)
  4. Wipe Drive 5 Enterprise by WhiteCanyon Software
    www.whitecanyon.com/goc
    Active@KillDisk by LSoft technologies
    https://secure.lsoft.net/clients/
    Vendor: Dell Canada
    NMSO: E60QE-08BIO4/004/QE (software solution)
  5. The Hammer” by CPR Tools
    SCSCI Hammer” by CPR Tools
    Vendor: Binatek
    www.binatek.com
    NMSO: E60QE-08BIO4/005/QE (hardware solution invoking “Secure Erase” and overwrite)
Procurement of the Erasure Products:

The contact person at PWGSC for this NMSO is:

Douglas Hamilton, Supply Specialist, Tactical & Strategic Information System Division – QE
douglas.hamilton@tpsgc-pwgsc.gc.ca
Portage III 8C2 - 41
11 Laurier Street, Gatineau, Quebec
K1A 0S5 Canada

Tel.: (819) 956-0586
Fax: (819) 956-6907

Technical questions regarding data erasure may be directed to:
tsb-clientservices@rcmp-grc.gc.ca


To read Adobe Acrobat (PDF) files, you may need to download and install the free Adobe Reader available from Adobe Systems Incorporated.

Date Modified: 2009-05-20

Top of Page
Important Notices