A degausser is a device used to demagnetize magnetic storage media such as hard drives, floppy disks, and magnetic tape. Degaussing renders any previously stored data on magnetic media unreadable by randomizing the magnetic domains on the media. There are several situations where degaussing magnetic media is necessary or recommended.
Before Disposing of Storage Media
One of the most common reasons to degauss storage media is before disposing of old hard drives, floppy disks, tapes, etc. Even if you have deleted files or formatted the media, the data itself still remains intact in most cases. By degaussing, you can ensure no sensitive or confidential data can be recovered from the media if it falls into the wrong hands.
Many government agencies and contractors that handle classified information are required by policy to degauss magnetic media before disposal. Financial institutions, healthcare providers, and other companies dealing with sensitive customer data may also degauss as part of their data security protocols.
Before Donating or Selling Used Equipment
Similarly, degaussing is recommended before selling, donating or recycling old computers, servers and other equipment that might still have internal hard drives or other magnetic media. You don’t want confidential corporate data or personal information to be accessible to whoever ends up with the equipment next.
Before Servicing/Repairing Equipment
IT departments and computer repair shops should degauss hard drives and other media before servicing or repairing equipment. This protects any proprietary software or other sensitive data that might be stored on the drive from being accessed or copied while the device is in the possession of repair technicians.
Before Redeploying Storage Media
If your organization reuses IT equipment and storage media internally across different departments, degaussing should occur before deployment to a new department. This prevents any data leakage across business units or access to data employees should not have.
To Sanitize Media for Internal Reuse
Some organizations degauss hard drives and tapes on a periodic basis as part of their security protocols, even if the media will continue to be used internally. This essentially sanitizes the media on a regular schedule to avoid accumulation of sensitive data over time.
To Quickly Purge Data
Degaussing can quickly purge all data from a hard drive or other magnetic storage device in just seconds. This can be much faster than overwriting or destroying media, making it preferable in time-sensitive situations.
When Complete Destruction is Not Required
Physically destroying media through shredding, incineration or other methods provides the highest level of data security. However, it permanently destroys the media. Degaussing provides a quick, cost-effective way to sanitize media when physical destruction is not required.
To Remove Sensitive Data from Backup Tapes
Backup tapes that are rotated off-site for disaster recovery purposes often contain highly sensitive or confidential data. Degaussing provides a way to safely sanitize these tapes before they are sent off-site for longer-term storage.
Before Transporting Media for Secure Disposal
Some organizations do not have degaussing capabilities on-site. In these cases, media to be destroyed may first need to be degaussed before being transported to a secure disposal facility to prevent data exposure during transport.
To Remove Resident Data from Shared IT Assets
Shared pools of equipment such as laptops, printers, hot-swap drives and other IT hardware used by many different employees can accumulate sensitive information over time. Periodic degaussing helps purge residual data from these shared assets.
To Prevent Data Recovery from Damaged Media
If a hard drive or other media is damaged but still functional, degaussing can often render data unrecoverable before attempting repair. This avoids the risk of data exposure during the repair process.
To Align with Industry Best Practices
Regulatory standards like PCI DSS require degaussing or physical destruction of media containing cardholder data. Aligning with best practices such as NIST guidelines generally includes degaussing as part of an end-of-life media process.
When Faster ThanOverwrite Destruction is Needed
Overwriting (multiple overwrite passes) can take hours to completely purge data from a modern high-capacity SATA hard drive. Degaussing can destroy data in just seconds, making it preferable when time is a factor.
To Destroy Data on Flash Memory Chips and SSDs
Solid state drives (SSDs) store data in flash memory chips rather than on magnetic platters. Degaussers with high magnetic field strengths can destroy data on flash memory in addition to traditional magnetic storage media.
When Physical Destruction is Impractical
Physically destroying hard drives or tape cartridges requires disassembly and often creates shards or debris that must be disposed of properly. Degaussing provides data sanitization without having to deal with the impracticalities of physical destruction.
To Reduce Liability Associated with Data Breaches
By degaussing media, organizations can demonstrate they took reasonable steps to sanitize data according to established standards. This can potentially reduce liability and regulatory fines in the event of a data breach associated with improper media disposal or reuse.
Types of Degaussers
There are a variety of degausser types and form factors available depending on the media you need to sanitize:
Handheld Wand Degaussers
Small wand-style degaussers are manually operated. You physically pass the media back and forth through the magnetic field until deactivated. Useful for tapes, floppies, small hard drives.
Countertop Degausser
Countertop degaussing machines are around the size of a desktop printer and designed to sanitize multiple media including hard drives, tapes, smart cards, etc. Larger models can handle 19” rackmount servers.
Conveyor Degaussers
Heavy-duty degaussers continuously generate an intense magnetic field over a conveyor belt. Large volumes of backup tapes, hard drives and other media can be efficiently sanitized.
Electromagnetic Hand Degaussers
These manually-operated degaussers use an electromagnet to generate a strong field suitable for SSDs, RAM and circuit boards. Helpful for detailed sanitization.
Solid State Drive Degaussers
SSD degaussers generate higher intensity pulsed magnetic fields required to purge data on flash memory chips. They provide verification of sanitization after degaussing.
Key Considerations When Purchasing a Degausser
Here are some factors to consider when selecting a degausser for your organization:
| Media types | Ensure the degausser supports all media you need to sanitize (hard drives, tapes, SSDs, etc.) |
| Throughput | Choose a model with throughput adequate for your organization’s volume requirements |
| Ease of use | Look for safety features and automation to simplify the degaussing process |
| Compliance | Select a degausser that aligns with any industry or government standards you must comply with |
| Verification | Models with post-degaussing verification ensure the process was successful |
| Support | Manufacturer’s warranty and customer service support add assurance and convenience |
Evaluating Data Security Needs First
Before investing in a degausser, organizations should evaluate their overall data security program to determine if degaussing fits into their policies and procedures for managing sensitive information throughout the data lifecycle. Key considerations include:
Classifying Data by Sensitivity Level
Conducting a data classification assessment allows you to categorize information by sensitivity level (public, internal, confidential, etc.) This enables proportional safeguards to be applied to data commensurate with its level of sensitivity.
Identifying High-Risk Data Types and Locations
Understanding specifically where sensitive data resides, such as on end user workstations, servers, backup media, and in archives or cloud services, enables selective use of degaussing where it is needed most.
Evaluating Access Controls and Data Segregation
How data is accessed and segregated, such as network segmentation and access controls, also impacts the risk of unauthorized exposure and the need for degaussing media at end-of-life.
Considering Data Retention Policies
Retention schedules that minimize storage of sensitive data can reduce reliance on degaussing and destruction to take media completely out of circulation when no longer needed.
Assessing Organizational Security Culture
The level of security awareness among employees and whether proper media sanitization protocols are consistently followed should guide reliance on degaussing as a failsafe.
Taking these factors into account as part of a holistic data security strategy ensures degaussing is used selectively and cost-effectively to fill any gaps not addressed by other safeguards.
Conclusion
Degaussing is an important tool to permanently erase data from magnetic media before disposal, reuse, servicing or any situation where sensitive information could be compromised. By selectively applying degaussing as part of a larger data security program, organizations can cost-effectively mitigate data breach risks without destroying media unnecessarily.