Chapter 1 Secure Erase Overview; Secure Erase Defined; Secure Erase For Sata Hdd/Ssd Devices - Supermicro X11 User Manual

Super Secure Erase for the X11/X12/X13/B11/B12/B13/H11/H12/BH12/H13 Motherboards User's Guide

1.1 Secure Erase Defined

Secure Erase (Security Erase) implemented in Supermicro's products is, primarily, a firmware-
based process that utilizes the Overwrite command in the ATA Standards to overwrite existing
data from a media drive, such as a hard disk drive (HDD) or a solid state drive (SSD), and
effectively remove the existing data from your computer by writing over it. This Overwrite
command, also known as "Security_Erase_Unit" command in the ATA Standards, works
substantially faster than the "rewrite through read and write" command, and its execution is
so thorough that all existing data in a disk wii be completely written-over and erased from
the disk drive. Due to its efficiency in data removal and cleansing, the Overwrite command is
commonly used in secure erase to help achieve the uttermost data sanitization and system
security that comply with the most stringent privacy laws and meet most rigorous security
requirements in the world as those that are set up by the State of California and the European
Union (EU).

1.1.1 Secure Erase for SATA HDD/SSD Devices

Normal Erase Method Used
Since the Overwrite command is very efficient in removing data from disk drives, Supermicro
uses this command for SATA HDD and SSD devices. There are two methods of the
Overwrite command: "Normal Erase" and "Enhanced Erase". Currently Supermicro uses
"Normal Erase" to securely erase unwanted data to foster our system security as stated
below.
•
Normal Erase: This is the primary method that Supermicro uses for secure erase.
Utilizing the Normal Erase method in the "Security_Erase_Unit" command, also known
as the Overwrite command, all contents stored in the sector of LBA 0 through the
greater "Read Native Max" or "Read Native Max Ext" will be overwritten and replaced
with "0's" and "1's." This method of data erasing is considered very effective and safe,
so it is commonly used in the industry. Supermicro currently uses "Normal Erase" of
the Overwrite command to securely erase data from a disk device, especially from an
SATA SSD device, by executing the Security_Erase_Unit (Overwrite) command in the
"Security Erase" setting of the UEFI BIOS Setup utility in a motherboard.
•
Enhanced Erase: The Enhanced Erase command will overwrite and erase all data that
has previously been written by the user, including the sectors that are no longer in use
as well as the contents that have already been "sanitized" or cleansed" in the HDDs/
Chapter 1
Secure Erase Overview
6