Data security practices and Volume Shredder
The Volume Shredder software enables you to securely erase data on
volumes in the Hitachi Virtual Storage Platform G1000 storage system by
overwriting existing data to prevent restoration of the erased data. For
example, when the user of a volume changes, you may want to purge the
data stored by the previous user before giving access to the new user. This
method of erasing data by overwriting it with dummy data is referred to as
shredding.
Because of the way data is written on the drives, overwriting data once or
twice might not be enough to ensure that the data cannot be restored. The
best practice is to overwrite data at least three times with dummy data.
Volume Shredder allows you to specify the number of times the data is
overwritten, enabling you to ensure compliance with applicable
requirements (for example, DoD5220.22-M).
Supported volume types
You can use Volume Shredder to shred both open-systems and mainframe
systems, including logical devices (LDEVs) and custom volumes (CVs) of all
emulation types. External volumes and Dynamic Provisioning virtual
volumes* can also be shredded.
*When a shredding operation is performed on an unused virtual volume for
Dynamic Provisioning, no dummy data is written to the volume.
You cannot use Volume Shredder to shred the following types of volumes:
•
Pool volumes
•
Virtual volumes for Thin Image
•
Journal volumes
•
Volumes that are not write-enabled (access attribute is not read/write)
•
TSE-VOL
Volume Shredder operations
The following figure shows user data that is being overwritten three times
(default value for number of overwrites). Volume Shredder overwrites data
using the following dummy data values:
•
The first overwrite is 00.
•
The second overwrite is FF.
•
The third overwrite is 00.
1–2
Hitachi Virtual Storage Platform G1000 Hitachi Volume Shredder User Guide
Overview of Hitachi Volume Shredder