Cigent Technology Patents Ensure Complete Erasure of Storage Drives and Endpoint Devices

Cigent Technology, Inc. has been assigned a patent (11581048) developed by Tony Fessel, VP, engineering, Fort Myers, FL, for “method and system for validating erasure status of data blocks.”

Organizations have a responsibility to always protect data on endpoints, including when they are transitioned from one employee to another, are retired, or donated to charities. Failure to protect sensitive and critical data including PII, intellectual property, trade secrets, and classified information is a violation of laws including HIPAA, GDPR, and CCPA, and is a risk to national security.

IT leaders know this and take data removal seriously when a device is being repurposed or EOLed. Before endpoints and drives are transitioned, they follow industry best practices to wipe drives using technologies such as ATA Secure Erase or paying for managed services to perform certified drive wipes. Storage devices provide a response indicating the erase command was completed successfully, in theory, wiping all data.

Research by CPR Tools determined that 42% of SSDs had recoverable sensitive (not just PII) data on them. As a result of this type of research, the NSA issued guidance requiring SSDs to be destroyed.

Drives can falsely report that the data was wiped due to incorrectly implemented commands, bad sectors, hardware failures, erasure program failures, human error and more. An additional challenge, specifically with SSDs, is wear leveling and the need to have additional blocks to move data around that are often not scanned when an erasure verification command is issued.

To address these gaps, the company’s patented technology is included in its Verified Device Erasure, firmware-based verification capability. Verified Device Erasure scans the SSD to verify the type of blocks and whether data has been erased. It then displays a report for the user showcasing results.

“Cigent Verified Device Erasure is the only reliable method to verify that an SSD has truly been erased and can be safely repurposed,” said Tom Ricoy, CRO.

The firm’s Secure SSD drives, originally developed for U.S. government and military use, are the first commercially available cyber-secure SSDs and are being implemented by hardware partners.

The Secure SSDs with Verified Device Erasure are sold by the company and multiple storage manufacturers including Seagate Federal, Inc., d/b/a Seagate Government Solutions (Barracuda 515), Digistor (Citadel C Series Advanced), Kanguru, and Envoy Data Memory. They are available in both FIPS validated and NIAP Common Criteria certified storage devices. They are available from distributors TD Synnex, Carahsoft, and ImmixGroup and on multiple federal and SLED contract vehicles including GSA, NSA SEWP, NCPA, Texas DIR, Maryland COTS, and Pennsylvania COSTS.