HPE Instant Secure Erase (ISE) HDD SSD

BY Sales One November 21, 2022

Instant Secure Erase (ISE) is a feature on many Ultrastar HDDs & SSDs. The feature is included in newer capacity
DC HC520 (12TB) and Ultrastar DC HC510 (10TB/8TB). It provides several benefits, and
is available in both SATA and SAS configurations.

Drives with the ISE feature allow users to instantly erase the drive
by using industry-standard commands and options. This feature is
beneficial compared to the alternative of overwriting a drive with new
data, which can take hours, especially for higher capacity hard drives.
Another benefit of using the new feature is that it can effectively erase
both user accessible data, as well as potentially hidden user data that
the drive maintains, but the user cannot easily access, such as reallocated blocks, spare blocks, etc.

How Does Instant Secure Erase Work?

In order to securely erase the data, the drive first creates an internal
cipher key that is used to cryptographically scramble (or unscramble)
the data as it is written to (or read from) the disk. During normal
drive operation, all data is scrambled (or unscrambled) using that
internal key. When the operator uses Instant Secure Erase to wipe the
drive clean, the HDD deletes the internal key, rendering all user data
unreadable.

It is important to note that while Instant Secure Erase uses
cryptographic techniques to securely erase data, it does not offer
data encryption to protect data at rest.

Block Erase is the secondary erasure method for SSDs. SSDs can be
erased by performing a block erase, which “electrically” erases each
block by using internal SSD functions.
In normal operation, the host can query the device to determine if
SANITIZE is supported, and if so, which of the three options (Crypto
Erase, Overwrite, Block Erase) are supported. With ISE HDDs, both Crypto Erase and Overwrite are supported.
Block Erase does not apply to HDDs. With ISE SSDs, both Crypto Erase and Block Erase are supported.
Overwrite does not apply to SSDs.

Secure Erase

Secure Erase (SE) is a subset of Instant Secure Erase, where the
Crypto Erase option has been disabled. Thus, there is no longer an
“instant” option. The SANITIZE command is still supported, but only
with “Overwrite” or “Block Erase” options. The SE feature provides an
advantage over a “manual overwrite” by ensuring that any current nonaccessible user data areas are also
overwritten.

Western Digital provides Instant Secure Erase (ISE) as a standard
feature in many of our enterprise-class HDD and SSD products.
Secure Erase (SE) drives provide an option for customers who do not
want the Crypto Erase option, but still desire to support the SANITIZE
Feature with Overwrite only (or Block Erase only for SSDs).
With SE HDDs, Overwrite is supported. With SE SSDs, Block Erase
is supported.

Leave a Reply

Your email address will not be published. Required fields are marked *