At NetApp, providing our customers with simple ways to increase their security is a top priority. Our 25+ years of innovation across our portfolio includes new security features for our ONTAP data management software. This innovation was recognized at the most recent Flash Memory Summit in early August. NetApp, along with Ontrack, a leader in the data recovery and data erasure market, won the award for “Most Innovative Flash Memory Consumer Application” for our latest ONTAP feature called “Secure Purge” and the validation process Ontrack created. To truly understand the importance of this innovation, it’s important to look at it in the context of the world we live in today.
Sanitizing data has become a critical yet complex task. Typically, more than just the targeted data must be wiped – up to and including the entire storage array. The sanitizing process is critical not only for traditional reasons like making sure someone doesn’t recover sensitive company data from physical hardware like disk drives, or cleaning up data spills (sensitive data being stored in the incorrect location), but also due to recent legislation like the EU’s General Data Protection Regulation (GDPR). GDPR Article 17 requires the ability for an individual to request that their personal data is forgotten (a.k.a. sanitized).
The complexity in sanitizing data and recovering from data spillage traditionally comes from the need to securely wipe entire disks or arrays to ensure the data is no longer recoverable. In some situations, this has a side effect of wiping out more than just the targeted data. To avoid this “collateral damage,” you may have to migrate other data off before you can sanitize, which typically takes more time and resources. Enter ONTAP Secure Purge, which allows you to sanitize (shred) a single piece of data without affecting any other data on the storage device.
How Secure Purge Works
You can see in the example above that after a single (or multiple) file deletion occurs, the old NVE volume and its encryption key are completely destroyed. Only live/active data remains on the new NVE volume. There is no way to recover the previously deleted data, and only the data that needed to be sanitized was removed.
This is particularly helpful for flash Solid State Drives (SSDs). With SSDs, in many cases the data is not immediately overwritten and the data could be retrieved despite it being marked in the file system as “deleted”. NetApp developer Rohit Singh, who helped architect the Secure Purge feature, explains the issue with SSDs quite well.
“This problem becomes significantly harder with an SSD. … [When] running garbage collection and space compaction services on NAND flash media; this work can often leave “phantom” copies of old data lying around even if the host has explicitly overwritten or hole-punched said data. Similar issues don’t exist on HDDs (ONTAP always disables drive-side write caching, something that could cause similar issues).”
As you can see, Secure Purge solves the data spill / sanitization problem even for SSDs.
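A simplified model of the key-destruction idea described above, added here as an illustration; it is not NetApp's implementation. The `EncryptedVolume` class, the `purge` function and the toy cipher are hypothetical stand-ins, and the file contents are constructed sample data.

```python
import hashlib, hmac, secrets

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 in counter mode), a stand-in for a real volume cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class EncryptedVolume:
    """Hypothetical model of a volume whose files are all encrypted under one volume key."""
    def __init__(self):
        self.key = secrets.token_bytes(32)
        self.media = {}  # file name -> (nonce, ciphertext) as stored on the drive

    def write(self, name: str, plaintext: bytes) -> None:
        nonce = secrets.token_bytes(16)
        self.media[name] = (nonce, xor_stream(self.key, nonce, plaintext))

    def read(self, name: str) -> bytes:
        nonce, ciphertext = self.media[name]
        return xor_stream(self.key, nonce, ciphertext)

def purge(old: EncryptedVolume, deleted: set):
    """Move live files to a new volume with a fresh key, then destroy the old key.

    Returns (new_volume, phantom), where phantom models ciphertext an SSD may
    still hold after garbage collection, including the deleted files.
    """
    new = EncryptedVolume()
    for name in old.media:
        if name not in deleted:
            new.write(name, old.read(name))
    phantom = dict(old.media)      # physical remnants outlive the logical delete
    old.key, old.media = None, {}  # a real system erases the key in its key manager
    return new, phantom

def demo():
    vol = EncryptedVolume()
    vol.write("report.txt", b"quarterly numbers")             # constructed sample data
    vol.write("spill.txt", b"record stored in the wrong place")
    new, phantom = purge(vol, {"spill.txt"})
    nonce, ciphertext = phantom["spill.txt"]
    # The only key left is the new volume's; it does not decrypt the remnant.
    attempt = xor_stream(new.key, nonce, ciphertext)
    return new.read("report.txt"), sorted(new.media), attempt
```

The live file survives on the new volume, while the leftover ciphertext of the purged file cannot be decrypted with any key that still exists.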
How do you actually know the data is not recoverable?
Don’t just take our word for it. To make sure that the data was truly “sanitized” or “shredded” NetApp enlisted the help of 3rd party Ontrack (as I mentioned above, NetApp jointly won the “Most Innovative Flash Memory Consumer Application” award with Ontrack). They are masters in recovering data and WAFL (the ONTAP file system) data in particular. We asked Ontrack to make sure there was no way they could recover anything that Secure Purge sanitized. We are pleased to report that they were unable to recover any data shredded by Secure Purge. A third-party report validating this is also available.
We feel that Secure Purge is a strong differentiator that enables our customers to sanitize data in a way that is easy to use, reduces complexity, works on Flash/SSDs, and helps address new privacy legislation like GDPR.
When asked how he feels about working on a feature like Secure Purge, NetApp Engineer Rohit Singh said:
“I think we’ve accomplished something pretty incredible with this project. As ONTAP engineers, we are always trying to shave off milliseconds of latencies or seconds of failover outages. The data spillage problem is a very real problem that can cause _days_ of downtime. Significantly reducing this downtime is a big deal for many security-sensitive customers.”
One of the reasons why we are so excited to receive the “Most Innovative Flash Memory Consumer Application” award from the Flash Memory Summit is that it highlights that NetApp is continuing to innovate to solve real-world problems for our customers.
Join us at NetApp INSIGHT 2019
You can learn more about Secure Purge at NetApp Insight Las Vegas on Oct 28-30, 2019 in session 1346-2 – “ONTAP Hardening: Secure Your Data Against Today’s Threat Landscape”.
To discover more about how you can increase your security and reduce your risks utilizing NetApp products and solutions, check out the following Insight sessions:
- 1347-2 – Applying a Zero Trust Architecture to Your Organization’s Security with NetApp
- 1348-2 – Deploying a Secure Hybrid Cloud Environment: Harness the Power of the Cloud Securely
- 1350-2 – Addressing Ransomware in 2019
- 9002-2 – Ransomware Protection, File-System Auditing and NAS Backup/Restore for ONTAP
- 3006-1 – Data Caretakers: Governance for Data Driven Organizations