Secure Data Overwrite (SDO) is a method of securely overwriting data on DS8000 series storage. While it's most often referred to for discontinuing existing storage, it's use is not only limited to this.
There are other reasons that someone may wish to have SDO run on their machine. For example, if you are physically moving a storage device to a separate location, you may wish to utilize SDO to secure your data in transit. Also, if you're repurposing your storage for use by another department (for example, a machine which stored sensitive personal information is to be repurposed for any other purpose) this would be a good option to ensure that the data is unretrievable. This can be extremely helpful in industries with specific regulatory requirements, such as the financial or health care industries in ensuring compliance when reutilizing existing hardware.
WIth DS8870 microcode announced on June 4 (LMC 7.7.10.xx on DS8870) there have been improvements to the process. The first improvement is the addition of a cryptoerase of the drives prior to overwriting. This is possible since all DDMs in the DS8870 are full data encryption drives. What this means is that the drives internal key is obfuscated, then recreated, which renders the data on the drive as unreadable. The second is allowing for a single pass over-write of the storage DDMs. This does improve the over-all time to completion, but keep in mind that the HMC possesses a larger hard drive and this drive takes considerably longer than the SAS drives in backend storage to over-write (there has been no change, the non-FDE drive in the HMC is over-written three times regardless of microcode level currently).
A brief over view of the current process is as follows:
- Data is cryptoerased by obfuscating the encryption key on the storage DDMs on the machine, then a new key is created. This renders the data unreadable.
- Once this is completed, the drives are over written. As mentioned above by either one, or three pass methods.
- The areas of the disks in both LPARs, and the HMC is overwritten using a three pass methodology.
Upon completion, a certificate is generated automatically and is available to be offloaded via DS CLI and the offloadfile command
- For example: offloadfile –dev IBM.2107-75FA120 –sdocert C:\temp
( for more information see, IBM System Storage DS8000 Information Center. )
This whole process is time consuming, the amount of time is dependent on the total size of the storage and can take several days due for this to complete.
This service was previously available as an STG Lab Services offering, however as of release 6.2 (LMC 220.127.116.11 for DS8700 or 18.104.22.168 for DS8800) your IBM Service Representative can perform this for you as a billable service.
If you're interested in SDO on either a DS8700, or a DS8800 the process is very similar, you simply need to be running supported microcode. The only differences are that there is no initial cryptoerase, and as such all SDO processes perform a three-pass over-write on all drives (storage DDMs, LPAR, and HMC drives).