HPE Persistent Memory module sanitization

Media sanitization is defined by NIST SP800-88 Guidelines for Media Sanitization (Rev 1, Dec 2014) as "a general term referring to the actions taken to render data written on media unrecoverable by both ordinary and extraordinary means."

The specification defines the following levels:

  • Clear: Overwrite user-addressable storage space using standard write commands; might not sanitize data in areas not currently user-addressable (such as bad blocks and over-provisioned areas).
  • Purge: Overwrite or erase all storage space that might have been used to store data using dedicated device sanitize commands, such that data retrieval is "infeasible using state-of-the-art laboratory techniques."
  • Destroy: Ensure that data retrieval is "infeasible using state-of-the-art laboratory techniques" and render the media unable to store data (such as disintegrate, pulverize, melt, incinerate, or shred).

HPE Persistent Memory supports the purge level using a cryptographic erase technique and an overwrite technique.

HPE ProLiant and HPE Synergy Gen10 server products support sanitizing HPE Persistent Memory modules during POST. Use the HPE RESTful Interface Tool or UEFI System Utilities to schedule sanitization on the next boot.

For more information, see the following sections in the HPE Persistent Memory User Guide on the Hewlett Packard Enterprise website (https://www.hpe.com/info/persistentmemory-docs):

  • Sanitization policies

  • Sanitization guidelines

NIST SP800-88 Guidelines for Media Sanitization (Rev 1, Dec 2014) is available for download from the NIST website (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf).