Secure data deletion
The system provides methods to securely erase data from a drive or from a boot drive when a control enclosure is decommissioned.
Secure data deletion effectively erases or overwrites all traces of existing data from a data storage device. The original data on that device becomes inaccessible and cannot be reconstructed. You can securely delete data on individual drives and on a boot drive of a control enclosure. The methods and commands that are used to securely delete data enable the system to be used in compliance with European Regulation EU2019/424.
Deleting data from SAS drives
You can use the chdrive -task erase drive_id command to securely delete data from a SAS solid-state drive (SSD) or SAS hard disk drive (HDD) drive. The secure erase data functionality supports majority of devices. However, it is not supported on a small number of older drive models. When the command is used against the unsupported drive models, the CMMVC6626E: The task was not initiated because a command was rejected by the drive that you have specified error appears. The command fails if the drive is an active member of an array, the drive is in auto manage mode, or a firmware upgrade is in progress on the drive or the enclosure. Also, if the command process did not complete or fails, you cannot access the data on the drive; you can only enter the chdrive -task erase command again.
To see the status of the data deletion task and the estimated completion time, you can use the lsdriveprogress command. During the data deletion process, the drive activity LED indicator flashes green. When the process completes, the drive activity LED indicator becomes solid green.
| Priority | Deletion type | Method | Completion time |
|---|---|---|---|
| 1 | Cryptographic erase | Changes the encryption key and makes the data inaccessible. | Instant |
| 2 | Block erase | Quickly raises and lowers the voltage level of the storage element. Physical blocks are altered with a vendor-specific value. | Fast |
| 3 | Data overwrite | Replaces the existing data with random data. | Slow |
The methods that are used to securely delete data vary according to manufacture, drive type, and drive firmware. For more information, see the documentation that is provided by the drive manufacturer.
For more information about the drives that are supported by the system, see Control enclosure replaceable units.
Deleting data from NVMe drives
You cannot use the chdrive -task erase command to delete data from an NVM
Express (NVMe) drive. The command will fail and you will receive an unsupported command
error
message. However, you can securely delete data from NVMe drives be using the chdrive -task
format
drive _id command instead.
When you issue chdrive -task format, the system changes the internal key in the NVMe drive and then erases the user data. All previous data in the drive becomes unreadable.
Before an NVMe drive is added to an encryption pool, the drive is encrypted with a new key. Because that encryption key is removed during the formatting process, the data on the NVMe drive can no longer be read.
Deleting data from boot drives
You can also securely delete the data on a boot drive of a control enclosure. To do so, use the satask rescuenode -secureerase -force command. The system then uses the block erase method to delete most of the vital product data (VPD) from the boot drive. Only the serial number, FRU part number, and MTM information remain in the VPD.