Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
Media sanitization that renders data unrecoverable even by lab techniques; stronger than clearing, per NIST SP 800-88 (degaussing, secure erase).
Purging Definition: Media sanitization that renders data unrecoverable even by lab techniques; stronger than clearing, per NIST SP 800-88 (degaussing, secure erase).
Purging is a media sanitization method that removes sensitive data from a storage device so it cannot be reconstructed by any known technique, including state-of-the-art laboratory recovery. It is a stronger level of sanitization than clearing, which only defeats simple, keyboard-level recovery, and is required for more sensitive data that does not warrant physical destruction.
Purging applies techniques matched to the media type. For magnetic media such as hard drives and tapes, degaussing uses a strong magnetic field to erase data and typically renders the device unusable. For modern storage, the firmware-based Secure Erase or Sanitize commands, and cryptographic erase (destroying the encryption key so the ciphertext is unrecoverable), achieve purging efficiently. Verification is a defining feature: the process confirms the data is gone. These methods and the three-tier model of Clear, Purge, and Destroy are specified in NIST SP 800-88 Rev. 1, which has largely superseded the older DoD 5220.22-M overwrite standard.
Purging matters because data remanence, residual data left behind after deletion or simple formatting, is a major leakage risk. Deleting a file or quick-formatting a disk only removes pointers; the underlying data persists and can be recovered with forensic tools. When devices are reassigned, returned off lease, sold, or disposed of, that remanent data can expose credentials, customer records, or classified information. Purging closes this gap with assurance appropriate to the data's sensitivity, supporting data protection regulations and secure asset disposal.
For example, before returning a fleet of leased SSDs that held confidential customer data, an organization issues the drives' built-in cryptographic-erase command, which destroys the on-device encryption keys and instantly makes all stored data unrecoverable, then verifies the operation. The drives can be safely returned without physical destruction. For more sensitive systems holding regulated data, the organization might purge and additionally physically destroy the media, documenting each step with certificates of destruction. Related terms: Media sanitization, Data remanence, Degaussing, Secure erase, Cryptographic erasure, Clearing, Certificate of destruction.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →