What is the difference between data erasure and data destruction?

Data erasure uses software to overwrite data so it cannot be recovered while keeping the drive reusable. Data destruction physically damages the drive (shredding, degaussing, incineration) making it permanently unusable. Erasure is preferred when drives will be reused or resold.

What does sanitization mean in data security?

Sanitization is the process of making data on storage media unrecoverable regardless of the recovery method used. NIST 800-88 defines three levels: Clear (logical overwriting), Purge (firmware-level commands or cryptographic erase), and Destroy (physical destruction).

What is the difference between Clear, Purge, and Destroy?

Clear overwrites data using standard write commands, protecting against simple recovery tools. Purge uses firmware-level or physical techniques like ATA Secure Erase or cryptographic erase, protecting against laboratory recovery. Destroy renders the media physically unusable through shredding, disintegration, or incineration.

What does NIST 800-88 stand for?

NIST SP 800-88 is the National Institute of Standards and Technology Special Publication 800-88, titled Guidelines for Media Sanitization. Currently in its second revision (Rev. 2, September 2025), it provides the most widely referenced framework for data sanitization in the United States.

What is cryptographic erase?

Cryptographic erase (CE) destroys the encryption key on a self-encrypting drive (SED), making all stored data permanently unreadable. Since the data itself remains on the drive but cannot be decrypted, this method is extremely fast regardless of drive capacity.

What is wear leveling and why does it affect data erasure?

Wear leveling is an SSD controller feature that distributes writes evenly across flash memory cells to extend drive lifespan. This means the controller may remap data to different physical locations without the operating system knowing, leaving remnant data in cells that standard overwrite tools cannot reach.

Data Erasure Glossary: Complete A-Z Terminology Guide

Q: What is a certificate of erasure?

A certificate of erasure (also called certificate of data destruction or certificate of sanitization) is a formal document confirming that specific storage media has been sanitized according to a defined standard. It typically includes drive serial numbers, erasure method used, verification results, date, and responsible personnel.

Data erasure, media sanitization, and secure data destruction involve a web of technical terms — from firmware commands and flash memory internals to regulatory standards and compliance frameworks. Whether you are an IT professional building a sanitization policy, a business owner trying to meet HIPAA or GDPR requirements, or a consumer wiping a personal laptop before selling it, this glossary covers the terminology you need. Bookmark it and come back whenever you encounter an unfamiliar term.

Key Takeaways:

Data erasure and data destruction are different — erasure keeps drives reusable, destruction does not
NIST 800-88 Rev. 2 (September 2025) defines three sanitization levels: Clear, Purge, and Destroy
SSDs require fundamentally different erasure methods than HDDs due to wear leveling and flash memory architecture
A single overwrite pass is sufficient for modern HDDs — multi-pass methods are legacy practices
Firmware-level commands (ATA Secure Erase, NVMe Sanitize, Crypto Erase) are the correct approach for SSD sanitization

A

ATA Secure Erase

A firmware-level command built into the ATA specification that instructs a drive's controller to erase all stored data. On HDDs, it overwrites every sector including reallocated ones. On SATA SSDs, it resets all flash memory cells, reaching areas that software-based overwriting cannot access due to wear leveling and over-provisioning. ATA Secure Erase achieves NIST 800-88 Purge level and typically completes in minutes on SSDs. See also: Enhanced Secure Erase, Sanitize Command. Learn more in our SSD secure erase guide.

ATA Enhanced Secure Erase

An extended version of ATA Secure Erase that writes a vendor-specific pattern to all sectors, including reallocated and previously inaccessible areas. On some drives, Enhanced Secure Erase performs a more thorough wipe than the standard version, though the exact behavior is manufacturer-dependent. Check your drive's documentation to understand what the enhanced variant actually does on your specific hardware. See also: ATA Secure Erase.

B

Bad Sectors

Sectors on a hard drive that can no longer reliably store data due to physical damage or degradation. The drive's firmware marks them as unusable and reallocates data to spare sectors. Bad sectors create a data erasure concern because standard overwrite tools skip them — the original data remains in the damaged sector even after a full wipe. Firmware-level erase commands address bad sectors, which is one reason NIST 800-88 recommends Purge-level sanitization for drives with reallocated sectors. See also: Remapped Sectors.

BitRaser

A commercial data erasure software suite developed by Stellar. BitRaser Drive Eraser supports multiple erasure standards (including NIST 800-88 and IEEE 2883), generates tamper-proof certificates of erasure, and works on HDDs and SSDs. It is one of the primary professional-grade erasure tools available. See our BitRaser review and best data erasure software roundup.

Block Erase

A flash memory operation that resets an entire block of NAND cells to an erased state. SSDs organize flash memory into pages (typically 4-16 KB) grouped into blocks (typically 256 KB-4 MB). Block erase is the lowest-level erase operation the flash controller performs. The NVMe Sanitize Block Erase command triggers this operation across all blocks on the drive, achieving NIST 800-88 Purge level. See also: NAND Flash, NVMe Sanitize. Learn more in our NVMe secure erase guide.

Bootable Media

A USB drive, CD/DVD, or other removable storage device configured to boot an operating system or standalone tool independently of the computer's installed OS. Bootable media is essential for disk wiping because it allows you to erase the system drive — something you cannot do while the OS running on that drive is active. Tools like DBAN, ShredOS, and Parted Magic are distributed as bootable images.

Magnifying glass over circuit board

C

Certificate of Erasure

A formal document confirming that specific storage media has been sanitized according to a defined standard. A proper certificate includes the drive serial number, model, capacity, erasure method used, verification results, date and time, and the name of the responsible technician or organization. Certificates are critical for regulatory compliance (HIPAA, GDPR, PCI DSS, SOX) and provide a defensible audit trail. Also called a certificate of data destruction or certificate of sanitization. See our certificate of erasure template.

Clear (NIST 800-88)

The first and least intensive of the three NIST 800-88 sanitization levels. Clear protects against data recovery using standard software tools — someone running a file recovery program would not be able to retrieve the data. For HDDs, Clear is achieved through a single-pass overwrite. For SSDs, a standard overwrite may achieve Clear in some cases, but NIST acknowledges that wear leveling limits its effectiveness on flash media. Clear is appropriate for low-sensitivity data on drives that will remain within your organization. See also: Purge, Destroy. Read our NIST 800-88 explainer.

Crypto Erase

See Cryptographic Erase.

Cryptographic Erase

A sanitization method that destroys the encryption key on a self-encrypting drive (SED), rendering all stored data permanently unreadable. The data itself remains on the drive, but without the key it is indistinguishable from random noise. Cryptographic erase completes in seconds regardless of drive capacity and qualifies as NIST 800-88 Purge level when the drive meets specific encryption requirements. It is available on TCG Opal drives, many NVMe SSDs, and other hardware-encrypted storage. See also: Self-Encrypting Drive, TCG Opal. Learn more in our article on self-encrypting drives and crypto erase.

D

Data at Rest

Data stored on a physical medium — a hard drive, SSD, USB flash drive, tape, or any other storage device — as opposed to data in transit (moving across a network) or data in use (actively being processed in memory). Data erasure and sanitization standards focus exclusively on data at rest. The security risk is that data at rest persists even after files are deleted or the device is decommissioned unless proper sanitization is performed.

Data Remanence

The residual physical representation of data that remains on storage media after an attempt to erase it. On magnetic media (HDDs), data remanence refers to faint magnetic traces left after overwriting. On flash media (SSDs), it refers to charge remnants in NAND cells or data stranded in areas inaccessible to overwrite tools (due to wear leveling or over-provisioning). The entire field of data sanitization exists to address data remanence. See our article on whether data can be recovered after secure erase.

DBAN (Darik's Boot and Nuke)

A free, open-source bootable disk erasure tool that has been widely used since the early 2000s. DBAN boots from USB or CD and overwrites all connected hard drives using various patterns (zeros, random data, DoD 5220.22-M, Gutmann, etc.). It works well for HDDs but does not support firmware-level erase commands, making it ineffective for SSDs. DBAN also lacks certificate generation and NVMe support. See our DBAN review and best free disk wipe software.

Degaussing

The process of exposing magnetic storage media to a powerful magnetic field that disrupts the magnetic domains storing data, rendering the data unrecoverable. Degaussing works on HDDs and magnetic tapes but has absolutely no effect on SSDs or flash storage, which store data as electrical charges rather than magnetic patterns. A degaussed HDD is typically unusable afterward because the servo tracks (used to position the read/write heads) are also destroyed. Degaussing achieves NIST 800-88 Purge level for magnetic media. See also: Physical Destruction. Read more in our data erasure vs. physical destruction comparison.

Destroy (NIST 800-88)

The most intensive of the three NIST 800-88 sanitization levels. Destroy renders storage media physically unusable and data unrecoverable by any known method. Methods include shredding, disintegration, pulverization, incineration, and melting. Destroy is reserved for the highest-sensitivity data or for media that is already damaged or non-functional. The obvious drawback: the drive cannot be reused or resold. See also: Clear, Purge. Read our NIST 800-88 explainer.

DoD 5220.22-M

A legacy overwrite method from the U.S. Department of Defense's National Industrial Security Program Operating Manual. It specifies a three-pass overwrite: first with zeros, then with ones, then with random data, followed by verification. Originally published for 1990s-era drive technology, DoD 5220.22-M is now obsolete — the DoD itself no longer references it for media sanitization. NIST 800-88 has replaced it as the recommended framework. A single overwrite pass provides equivalent security on any drive manufactured in the last two decades. See our DoD 5220.22-M explainer and the erasure method comparison chart.

E

eMMC (Embedded MultiMediaCard)

A flash storage standard commonly found in smartphones, tablets, Chromebooks, and low-cost laptops. eMMC chips are soldered directly to the device's motherboard rather than connected as removable drives. Erasing eMMC storage typically requires vendor-specific tools or platform-specific factory reset procedures that trigger firmware-level erase commands. Standard disk wiping tools designed for SATA or NVMe drives may not work on eMMC devices.

Encryption

The process of converting data into an unreadable format using a cryptographic algorithm and a key. In the context of data erasure, encryption matters because if a drive was encrypted before data was written, destroying the encryption key makes the data unrecoverable — this is the basis of cryptographic erase. Full-disk encryption (FDE) and self-encrypting drives (SEDs) make cryptographic erase possible. See also: Cryptographic Erase, Self-Encrypting Drive.

Enhanced Secure Erase

See ATA Enhanced Secure Erase.

F

Firmware

The low-level software embedded in a storage device's controller that manages all hardware operations — reading, writing, wear leveling, error correction, and erase commands. Firmware-level erase commands (ATA Secure Erase, NVMe Sanitize) are critical for SSD sanitization because they operate below the operating system layer, reaching areas that software-based overwriting cannot. The quality and correctness of firmware implementations vary by manufacturer, which is why verification after erasure is always recommended.

Flash Memory

A type of non-volatile storage that retains data without power by trapping electrons in floating-gate transistors. Flash memory is the underlying technology in SSDs, USB flash drives, SD cards, eMMC, and other solid-state storage. Unlike magnetic media, flash memory cannot be overwritten in place — data must first be erased at the block level before new data can be written. This fundamental characteristic is why SSDs require different erasure approaches than HDDs. See also: NAND Flash, Wear Leveling. Read about SSD vs. HDD erasure differences.

Flash Translation Layer (FTL)

The firmware component in an SSD or flash device that maps logical block addresses (LBAs) from the operating system to physical locations in flash memory. The FTL handles wear leveling, garbage collection, and bad block management transparently. From a data erasure perspective, the FTL is the reason overwriting an SSD is unreliable — the layer may redirect writes to different physical cells, leaving old data intact in the original location. See also: Wear Leveling, Logical Block Addressing.

Format (Quick vs. Full)

Formatting prepares a storage device with a file system so an operating system can use it. A quick format only rewrites the file system metadata (the index) — all actual data remains on the drive and is trivially recoverable. A full format in modern Windows (Vista and later) writes zeros to all accessible sectors, which provides basic overwriting but does not meet any recognized erasure standard because it cannot reach HPA, DCO, or remapped areas on HDDs, and cannot address wear leveling on SSDs. Formatting is not the same as wiping. See our guide on how to wipe a hard drive.

G

Garbage Collection

An automated process in SSD controllers that consolidates valid data from partially-used blocks and erases blocks containing only invalid (deleted) data. Garbage collection runs in the background and reclaims storage space for future writes. From an erasure perspective, garbage collection may eventually erase deleted data — but the timing is unpredictable, incomplete, and not a substitute for proper sanitization. See also: TRIM, Flash Translation Layer.

Gutmann Method

A 35-pass overwrite method proposed by Peter Gutmann in a 1996 paper. The method writes 35 specific patterns designed to defeat data recovery techniques on magnetic encoding schemes (MFM, RLL) used in 1990s-era drives. Gutmann himself has stated that the method is unnecessary for modern drives and that a single overwrite pass is sufficient. Running 35 passes on a 1TB HDD takes 4-7 days with zero additional security benefit. See our Gutmann method explainer and the erasure method comparison chart.

H

HDD (Hard Disk Drive)

A storage device that records data magnetically on spinning metal platters using a read/write head on a mechanical arm. HDDs have been the primary storage technology since the 1950s and remain common in desktops, NAS devices, and data centers due to their low cost per gigabyte. HDD erasure is straightforward compared to SSDs: a single-pass overwrite of all sectors (including HPA, DCO, and remapped areas) is sufficient for Clear-level sanitization per NIST 800-88. See also: SSD. See our complete guide to wiping a hard drive.

HMG IS5

The UK government's data sanitization standard, published by His Majesty's Government (HMG) Communications-Electronics Security Group (CESG). HMG IS5 defines two levels: Baseline (single overwrite with verification) and Enhanced (three-pass overwrite). The Enhanced level is functionally similar to DoD 5220.22-M and equally unnecessary for modern drives. HMG IS5 is primarily referenced by UK government agencies and organizations that supply them. See our HMG IS5 explainer.

Host Protected Area (HPA)

A hidden region of a hard drive that the BIOS and operating system normally cannot see or access. The HPA can store diagnostic tools, recovery partitions, or other vendor-specific data. From a security standpoint, data hidden in the HPA survives standard formatting and basic overwrite tools. Proper disk wiping software must detect and include the HPA in the sanitization process. ATA Secure Erase covers the HPA by default. See also: Device Configuration Overlay.

I

IEEE 2883

An IEEE standard published in 2022 titled "Standard for Sanitizing Storage." IEEE 2883 is the first data erasure standard designed specifically for modern storage technologies — SSDs, NVMe drives, flash-based media, and emerging storage types that NIST 800-88 Rev. 1 did not fully address. It provides detailed, technology-specific sanitization procedures and is increasingly referenced in enterprise procurement and government requirements. NIST 800-88 Rev. 2 aligns with IEEE 2883 in several areas. See our IEEE 2883 explainer.

Immutable Storage

Storage configured so that data, once written, cannot be modified or deleted for a defined retention period. Immutable storage is used for regulatory compliance, ransomware protection, and backup integrity. From a data erasure perspective, immutable storage presents a challenge: the data cannot be erased until the retention policy expires. Organizations must plan for eventual sanitization when designing immutable storage systems.

J

JBOD (Just a Bunch of Disks)

A storage configuration where multiple drives are presented individually (as separate volumes) rather than combined into a RAID array. In a JBOD enclosure, each drive operates independently. Wiping drives in a JBOD configuration is straightforward — each drive can be sanitized individually using standard methods. This contrasts with RAID arrays, where the data is distributed across multiple drives and the array must typically be dismantled before individual drives can be properly wiped. See also: RAID.

K

KillDisk

A commercial disk sanitization tool developed by LSoft Technologies. KillDisk supports multiple erasure standards, works on HDDs and SSDs, generates certificates of erasure, and is available as both a bootable environment and a Windows/Linux application. It offers a limited free version and various paid tiers for professional and enterprise use. See our KillDisk review.

L

Logical Block Addressing (LBA)

The addressing scheme used by operating systems to identify locations on a storage device. LBAs are sequential numbers (0, 1, 2, ...) that map to physical locations on the drive. On HDDs, LBAs correspond to specific sectors on the platters. On SSDs, the flash translation layer (FTL) maps LBAs to physical NAND cells — and this mapping changes constantly due to wear leveling. When you overwrite LBA 1000 on an SSD, you may be writing to a completely different physical location than the one that originally held that data. This is why overwrite-based erasure is unreliable on SSDs. See also: Flash Translation Layer, Wear Leveling.

Logical Erasure

Any data erasure method that operates through software commands at the operating system or application level, as opposed to firmware-level commands or physical destruction. Overwriting, formatting, and file-level deletion are all forms of logical erasure. Logical erasure achieves NIST 800-88 Clear level on HDDs but is insufficient for SSDs due to wear leveling. See also: Clear, Overwrite.

M

Media Sanitization

The umbrella term for any process that renders data on storage media unrecoverable. Media sanitization encompasses logical methods (overwriting, cryptographic erase), firmware-level methods (ATA Secure Erase, NVMe Sanitize), and physical methods (shredding, degaussing, incineration). The term is used formally in NIST 800-88 and IEEE 2883. A media sanitization policy defines which methods are used for which data classifications and media types within an organization. See our overview of data erasure standards.

Multi-Pass Overwrite

An overwrite method that writes data to every sector on a drive more than once, using different patterns on each pass. Examples include DoD 5220.22-M (3 passes), HMG IS5 Enhanced (3 passes), RCMP TSSIT OPS-II (7 passes), and Gutmann (35 passes). Multi-pass overwriting was developed for older magnetic recording technologies. Modern research and NIST 800-88 confirm that a single pass is sufficient for current HDDs. Multi-pass methods add hours or days of processing time with no measurable security improvement on modern hardware. See also: Single-Pass Overwrite. Read our article on the myth of 7-pass wiping.

N

NAND Flash

The specific type of flash memory used in SSDs, USB drives, SD cards, and other solid-state storage. NAND flash cells store data by trapping electrical charges, and they are organized into pages and blocks. Data can be written at the page level but can only be erased at the block level — this asymmetry is fundamental to how SSDs work and why they require different erasure approaches than HDDs. Types include SLC (single-level cell), MLC (multi-level), TLC (triple-level), and QLC (quad-level), each storing 1-4 bits per cell. See also: Flash Memory, Block Erase.

NIST 800-88

The most widely referenced data sanitization standard worldwide. NIST Special Publication 800-88, "Guidelines for Media Sanitization," is published by the U.S. National Institute of Standards and Technology. The current version is Rev. 2, published in September 2025, which supersedes Rev. 1 (2014). NIST 800-88 defines three sanitization levels — Clear, Purge, and Destroy — and provides a risk-based framework for selecting the appropriate level based on data sensitivity and media type. It is referenced by HIPAA, CMMC, FedRAMP, PCI DSS, and numerous other regulatory frameworks. See our NIST 800-88 explainer and Rev. 2 breakdown.

NVMe (Non-Volatile Memory Express)

A high-speed interface protocol designed specifically for flash-based storage, connecting drives directly to the CPU via PCIe lanes. NVMe SSDs are significantly faster than SATA SSDs and are now the standard in modern laptops and desktops. NVMe drives support the NVMe Sanitize command set for data erasure, which is distinct from ATA Secure Erase (used by SATA drives). See also: NVMe Sanitize, SATA. See our NVMe secure erase guide.

NVMe Sanitize

A command set defined in the NVMe specification that provides three sanitization operations: Block Erase (resets all flash blocks), Crypto Erase (destroys the encryption key), and Overwrite (writes a pattern to all user-accessible areas). Block Erase and Crypto Erase achieve NIST 800-88 Purge level. Unlike ATA Secure Erase, NVMe Sanitize cannot be interrupted and the drive reports the sanitization status. NVMe Sanitize is the preferred method for erasing NVMe SSDs. See also: Block Erase, Cryptographic Erase. Learn more in our NVMe secure erase guide.

O

Over-Provisioning

Extra flash memory capacity built into an SSD that is not visible to the operating system. Manufacturers typically reserve 7-28% of the total NAND capacity for over-provisioning, which the controller uses for wear leveling, garbage collection, and replacing failed cells. Over-provisioning is a data erasure concern because data stored in these hidden areas cannot be reached by standard overwrite tools. Only firmware-level erase commands (ATA Secure Erase, NVMe Sanitize) can reset over-provisioned cells. See also: Wear Leveling, Flash Translation Layer.

Overwrite

The most common software-based data erasure method. Overwriting replaces existing data with new data — zeros, ones, random values, or specific patterns — across every addressable sector of a storage device. A single overwrite pass is sufficient for modern HDDs per NIST 800-88. However, overwriting is unreliable on SSDs because the flash translation layer may redirect writes to different physical cells, leaving original data intact in the old location. For SSDs, firmware-level commands are required instead. See also: Zero-Fill, Pattern Overwrite, Single-Pass Overwrite. Compare methods in our erasure method comparison chart.

P

Partition

A defined section of a storage device that the operating system treats as a separate volume. A single physical drive can contain multiple partitions, each with its own file system and drive letter (on Windows). Deleting a partition removes the partition table entry but does not erase the underlying data. Proper data sanitization must address the entire physical drive — all partitions, unpartitioned space, and hidden areas — not just individual partitions.

Pattern Overwrite

An overwrite method that writes a specific sequence of bytes (a pattern) rather than simple zeros. Examples include alternating 0x55/0xAA (binary 01010101/10101010), the DoD's zero/one/random sequence, and Gutmann's 35 specialized patterns. Pattern overwrites were designed to defeat residual magnetism analysis on older HDDs. For modern drives, the specific pattern does not matter — any single-pass overwrite renders data unrecoverable. See also: Overwrite, Zero-Fill.

Physical Destruction

Any method that renders storage media physically unusable: shredding, crushing, disintegration, pulverization, drilling, incineration, or melting. Physical destruction achieves NIST 800-88 Destroy level and is the only option for the highest-sensitivity data, damaged drives that cannot be electronically erased, or media that must be accounted for with absolute certainty. The trade-off is obvious: the drive is gone forever. For working drives with routine data, software-based erasure or firmware commands are more practical and cost-effective. See our comparison of data erasure vs. physical destruction.

Purge (NIST 800-88)

The second of the three NIST 800-88 sanitization levels. Purge protects against data recovery using laboratory-level techniques — specialized equipment like electron microscopes or signal-processing tools. For HDDs, Purge can be achieved through enhanced overwrite or degaussing. For SSDs, Purge requires firmware-level commands such as ATA Secure Erase, NVMe Sanitize (Block Erase or Crypto Erase), or cryptographic erase on self-encrypting drives. Purge is appropriate for sensitive data or for drives leaving organizational control. See also: Clear, Destroy. Read our NIST 800-88 explainer.

R

RAID (Redundant Array of Independent Disks)

A storage technology that combines multiple physical drives into a single logical volume for performance, redundancy, or both. Common RAID levels include RAID 0 (striping), RAID 1 (mirroring), RAID 5 (striping with parity), and RAID 6 (striping with double parity). Wiping a RAID array is more complex than wiping individual drives because data is distributed across multiple disks. Best practice is to destroy the RAID array first, then sanitize each physical drive individually. Simply deleting the RAID configuration does not erase the data on the member drives.

Random Data Overwrite

An overwrite method that writes pseudorandom data (generated by a software algorithm) to every sector on the drive. Random data overwriting provides equivalent security to pattern-based or zero-fill methods on modern drives. Some organizations prefer random data because it makes it easier to verify that an overwrite actually occurred — if you read back the drive and find organized data instead of random noise, the overwrite may have failed. See also: Overwrite, Zero-Fill, Verification.

Remapped Sectors

Sectors on a hard drive that the firmware has retired due to read/write errors and replaced with spare sectors from a reserve pool. The original data in the failed sector may remain physically on the platter even after remapping. Standard overwrite tools cannot reach remapped sectors because the firmware redirects all access to the replacement. This is one reason ATA Secure Erase (which addresses remapped sectors) is preferred over software-only overwriting for thorough HDD sanitization. See also: Bad Sectors.

S

Sanitize Command

A command set available on modern SATA (ACS-3 and later) and NVMe drives that provides a controller-level mechanism for sanitizing all data on the drive. Unlike older ATA Secure Erase commands, the Sanitize command cannot be interrupted once started, and the drive tracks the operation's progress and completion status. The NVMe Sanitize command supports three modes: Block Erase, Crypto Erase, and Overwrite. See also: NVMe Sanitize, ATA Secure Erase.

SATA (Serial ATA)

The most common interface for connecting HDDs and 2.5-inch SSDs to a computer. SATA drives support the ATA command set, including ATA Secure Erase and (on newer drives) the ATA Sanitize command. SATA has a maximum throughput of 6 Gbps (SATA III), which is significantly slower than NVMe. When erasing a SATA drive, you use ATA Secure Erase; when erasing an NVMe drive, you use NVMe Sanitize — these are different commands for different interfaces. See also: NVMe, ATA Secure Erase.

Secure Erase

A general term for any data erasure method that renders data unrecoverable using recognized techniques. In common usage, "secure erase" often refers specifically to ATA Secure Erase, but it can also mean any thorough wipe that meets a recognized standard. Be specific about which secure erase method you mean — ATA Secure Erase, NVMe Sanitize, cryptographic erase, and overwriting are all different operations with different capabilities. See our guide on how to secure erase an SSD.

Self-Encrypting Drive (SED)

A storage device with a built-in hardware encryption engine that automatically encrypts all data written to the drive and decrypts it on read. The encryption key is stored within the drive's controller. SEDs support cryptographic erase — destroying the encryption key makes all stored data permanently unreadable without touching the data itself. SEDs following the TCG Opal specification are the most common. NIST 800-88 Rev. 2 recognizes cryptographic erase on SEDs as a valid Purge method when specific conditions are met. See also: Cryptographic Erase, TCG Opal. Read our article on self-encrypting drives and crypto erase.

Shredding

In a physical destruction context, shredding means feeding a storage device through an industrial shredder that reduces it to small fragments (typically under 2mm for the highest security levels). In a software context, "file shredding" refers to overwriting a specific file's data before deleting it — though this is unreliable on SSDs and journaling file systems. Physical shredding achieves NIST 800-88 Destroy level. See also: Physical Destruction.

Single-Pass Overwrite

An overwrite method that writes data to every sector on a drive exactly once. NIST 800-88 confirms that a single pass with any fixed value (zeros, ones, or random data) is sufficient to render data unrecoverable on modern HDDs. This finding is based on research showing that modern drive densities make it physically impossible to recover overwritten data, even with laboratory equipment. Single-pass overwriting takes one-third the time of a three-pass DoD wipe and one-thirty-fifth the time of Gutmann — with identical security results. See also: Multi-Pass Overwrite, Zero-Fill.

SSD (Solid-State Drive)

A storage device that uses NAND flash memory chips instead of spinning magnetic platters. SSDs are faster, more durable, and more power-efficient than HDDs, but they require fundamentally different data erasure approaches. Due to wear leveling, over-provisioning, and the flash translation layer, standard overwrite tools cannot reach all data on an SSD. Proper SSD sanitization requires firmware-level commands — ATA Secure Erase (SATA SSDs), NVMe Sanitize (NVMe SSDs), or cryptographic erase (self-encrypting SSDs). See our guide on SSD vs. HDD erasure differences.

T

TCG Opal

A specification from the Trusted Computing Group (TCG) that defines a standard interface for self-encrypting drives. TCG Opal drives use hardware-based AES encryption and support multiple authentication ranges, allowing different users or partitions to have separate encryption keys. For data erasure, TCG Opal drives support cryptographic erase — destroying the encryption key renders all data unreadable in seconds. Many modern enterprise SSDs and some consumer SSDs support TCG Opal. See also: Self-Encrypting Drive, Cryptographic Erase.

TRIM

An operating system command that informs an SSD which data blocks are no longer in use. When you delete a file, the OS sends a TRIM command for those blocks, allowing the SSD controller to erase them during garbage collection for better write performance. TRIM is not a sanitization method — it is a performance optimization. The timing and completeness of TRIM-triggered erasure are unpredictable and manufacturer-dependent. Do not rely on TRIM for secure data erasure. See also: Garbage Collection.

Trusted Platform Module (TPM)

A hardware security chip (or firmware implementation) that provides cryptographic functions including key generation, key storage, and secure boot attestation. In the context of data erasure, TPMs are relevant because they can store or protect encryption keys used for full-disk encryption (like BitLocker). If a TPM holds the only copy of an encryption key and the key is destroyed, the encrypted data on the associated drive becomes unrecoverable. TPMs themselves do not perform data erasure — they facilitate it by managing encryption keys.

V

Verification

The process of confirming that a data sanitization operation completed successfully. Verification is a mandatory step in NIST 800-88, not optional. For overwrite methods, verification involves reading back a sample of sectors (or all sectors) to confirm the overwrite pattern is present. For firmware-level commands, verification includes checking the drive's status registers for successful completion and optionally reading sectors to confirm they are zeroed or randomized. Professional erasure tools automate verification and document the results in certificates of erasure. Skipping verification means you have no proof the wipe actually worked.

Volatile Memory

Memory that loses its contents when power is removed. RAM (Random Access Memory) is the primary example — when you shut down a computer, everything in RAM disappears within seconds. Volatile memory is generally not a data sanitization concern under normal conditions, though specialized attacks (cold boot attacks) can recover data from RAM briefly after power loss by cooling the memory chips. NIST 800-88 addresses volatile memory sanitization by recommending a power cycle of sufficient duration.

W

Wear Leveling

A technique used by SSD controllers to distribute write and erase operations evenly across all NAND flash cells to prevent any single cell from wearing out prematurely. Flash memory cells have a limited number of write/erase cycles (typically 1,000-100,000 depending on NAND type). Wear leveling extends drive lifespan, but it creates a significant data erasure problem: when you overwrite a file, the controller may write the new data to a completely different physical location, leaving the original data intact in the old cells. This is the primary reason standard overwrite tools are unreliable on SSDs. See also: Flash Translation Layer, Over-Provisioning. Read about SSD vs. HDD erasure differences.

Wipe

A general-purpose term for erasing all data on a storage device. "Wiping" a drive can refer to various methods — overwriting, firmware-level erase commands, or even formatting — depending on context. In technical documentation, the more precise terms (overwrite, sanitize, Clear, Purge, etc.) are preferred because "wipe" does not specify the method or security level achieved. Throughout this site, we use "wipe" conversationally but specify the exact method in technical guidance. See our complete guide to wiping a hard drive.

Write Amplification

A phenomenon in SSDs where the actual amount of data physically written to the NAND flash is larger than the amount the host system requested to write. Write amplification occurs because the SSD controller must read, modify, and rewrite entire blocks even when only a small portion of a block changes. This increases flash cell wear and has implications for data erasure — write amplification means data is being moved and copied internally in ways that are invisible to the operating system, potentially leaving copies of data in locations that overwrite tools cannot reach.

Z

Zero-Fill

An overwrite method that writes the value 0x00 (binary zero) to every addressable sector on a storage device. Zero-fill is the simplest and most common overwrite technique. A single zero-fill pass achieves NIST 800-88 Clear level on HDDs and is sufficient for modern hard drives per NIST guidance. On SSDs, zero-fill is ineffective for the same reasons all overwrite methods fail on flash storage — wear leveling redirects writes away from the original data locations. See also: Overwrite, Single-Pass Overwrite, Pattern Overwrite.

The Bottom Line

Data erasure terminology can be dense, but the core concepts are straightforward: HDDs can be wiped by overwriting, SSDs need firmware-level commands, and NIST 800-88 Rev. 2 is the standard that ties it all together. If you are just getting started, read our complete guide to wiping a hard drive, then check the erasure method comparison chart to pick the right method for your drive. For a full overview of the standards referenced throughout this glossary, see our data erasure standards explainer.

Last updated: February 2026. We regularly review and update our guides to ensure accuracy.

Sources: