HDD, SSD & NVMe Data Wiping Explained
Learn how to securely erase HDD, SSD and NVMe drives. Understand data wiping methods, GDPR compliance, and best practices for permanent data destruction.
What is Secure Data Erasure?
Secure data erasure (also called data wiping or data sanitisation) is a method of permanently destroying data on a storage device.
Unlike deleting files:
- Data is overwritten or cryptographically destroyed
- Hidden and inaccessible areas are cleared
- Verification confirms no recoverable data remains
This ensures compliance with IEEE, NIST, GDPR, and ISO standards. IEEE 2883 is a global standard for securely sanitizing data storage devices. It improves on the earlier NIST and ISO standards.
Why is Data Erasure Important?
Secure data erasure is essential because:
- Deleted data can still be recovered from SSD, NVMe, ATA, SCSI, USB drives
- Devices and storage systems often contain sensitive personal or business data
- Improper disposal of components that retain data can lead to breaches and fines
Key Risks:
- Identity theft
- Financial fraud
- Reputational damage
- Regulatory penalties (GDPR fines up to €20M among others globally )
Why Deleting Files Isn’t Secure
When files are deleted:
- The system only removes the reference
- Data remains on the drive
- Recovery tools can restore it
👉 Only certified erasure guarantees permanent removal.
Data Erasure Methods Explained
Firmware-Based Erasure (Recommended)
• ATA Secure Erase
• NVMe Sanitize / Format
• SCSI Format Unit
✔ Fast
✔ Highly reliable
✔ Covers hidden sectors
Overwriting (Software-Based)
• Writes data patterns across the disk
• Multiple passes possible
✔ Effective for HDDs
✔ Less reliable for SSDs
Cryptographic Erasure
• Deletes encryption keys
• Instantly renders data unreadable
✔ Fastest method
✔ Ideal for enterprise environments
SSD-Specific Erasure
• Uses randomised overwrite passes
• Avoids ineffective legacy methods
SSDs require specialised handling due to wear levelling.
HDD vs SSD vs NVMe
Storage Type | Best Erasure Method | Key Challenge |
HDD | Overwriting / Firmware erase | Slower speeds |
SSD | Firmware + optimised overwrite | Wear levelling |
NVMe | NVMe Sanitize / Format | Requires modern tools |
Compliance
& Standards
Secure erasure helps meet:
- IEEE…
- NIST SP 800-88 – Global sanitisation standard
- HIPAA – Healthcare data protection
- ISO 27001 / ISO 27040 – Information security
- GDPR (UK/EU) – Mandatory data protection and disposal
👉 Organisations must prove data has been erased, not just claim it.
What is a Data Erasure Certificate?
A data erasure certificate is:
- A tamper-proof record of data destruction
- Includes device ID, method, date, and operator
- Often digitally signed
👉 Required for audits, compliance, and customer assurance.
How Long Does Data Wiping Take?
Erasure time depends on:
- Drive size (GB vs TB)
- Drive type (HDD vs SSD vs NVMe)
- Method used
👉 Firmware-based erasure can reduce time from hours to minutes.
Best Practices for Secure Data Disposal
- Use certified erasure software
- Verify all erasure processes
- Generate audit reports
- Creates a process ‘finger print’ to prove erasure
- Match method to device type
- Follow IEEE, NIST or ISO standards
👉 Never rely on deletion or formatting alone.
ZeroData™ Windows®
ZeroData™ Windows® is a professional data erasure solution for organisations that need secure, verifiable wiping across modern storage environments.
Where it fits:
- Secure erasure of HDD, SSD, NVMe, RAID and removable media.
- Support for ITAD, refurbishment, resale, donation and internal redeployment workflows.
- Verified outcomes with certificate-based evidence for audits and customer assurance.
- Security erasure fingerprint writes to the erased drive as proof of data wiping.
- Runs directly on Windows unlike others that require Linux.
- Overwriting (Software-Based) options of writing zeros, random data, or methods to write different patterns, multiple passes as specified.
- Firmware-Based Erasure – TCG Erase, NVM Format, NVMe Sanitize, Sanitize-Overwrite, Sanitize-Crypto, Sanitize-Block, ATA-SecureErase, ATA-EnhancedSecureErase, ATA-Sanitize, ATA-Crypto-BlockErase, SCSI-Sanitize, SCSI-FormatUnit.
- Cryptographic erasure for all the different drive types.
- SSD-specific erasure SSDStandard, SSDRandom4 and SSDRandom6 (exception of firmware erasure methods)
In short:
- Helps reduce erasure time while maintaining consistent process control
- Strengthens compliance readiness by combining erasure, verification and reporting
- Creates a natural bridge between secure disposal best practice and the specific requirements summarised below
Independent Data Wiping Certification
ZeroData™ Windows® has been independently qualified by an ASCLD/LAB International accredited forensic testing laboratory operating to ISO/IEC. Testing confirmed that the software meets Critical Assessment Level I and Level II requirements, providing additional assurance that erasure processes are independently assessed, repeatable and suitable for compliance-led data sanitisation workflows.
FAQ's
What is the safest way to wipe a hard drive?
The safest method is firmware-based secure erase or certified overwriting with verification, following IEEE or NIST guidelines.
Can deleted files be recovered?
Yes. Deleted files remain on the drive until overwritten and can often be recovered using software which is why permanent data erasure is critical.
Do SSDs require different wiping methods?
Yes. SSDs require specialised erasure methods due to wear levelling and hidden memory areas.
Is formatting a drive secure?
No. Formatting alone does not remove data – it only resets the file system so data is recoverable.
What is the fastest data erasure method?
Cryptographic erase or firmware-based erase (e.g., NVMe Sanitize) are typically the fastest.
How ZeroData™ Windows® Supports These Requirements
ZeroData™ Windows® supports secure data erasure requirements by combining device-specific wiping methods, verification, and audit-ready reporting in a Windows-based workflow. It supports HDD, SSD, NVMe, RAID, SCSI, IDE and removable media, with methods including ATA Secure Erase, ATA Enhanced Secure Erase, NVMe Format, NVMe Sanitize, SCSI Sanitize, SCSI Format Unit, TCG Opal Erase and standards-based Clear and Purge options.
For compliance, ZeroData™ Windows® helps organisations demonstrate that erasure has been completed correctly, not simply claimed. It offers IEEE 2882-2022, NIST 800-88 Rev. 1 and ISO/IEC 27040 aligned methods, includes SSD-specific wiping algorithms, verifies firmware-based erasure, and produces tamper-proof validation certificates to support GDPR, ITAD, refurbishment, resale, donation and internal asset redeployment processes.