Skip to content

What Is the DoD Standard? (And Why Does It Matter?)

    What Is the DoD Standard?

    When your business is done with any data, you probably just right click on it and press “delete,” thinking it’s been properly erased from your device.

    However, all deleting does is hide your data; it’s not synonymous with wiping the data, which means a complete removal.

    If you’re an organization that deals with client and partner data, then it’s important you understand and follow standards and regulations to ensure you erase data properly. For example, there’s the DoD standard.

    What is the DoD standard? And why does it matter? We’ll give you a brief explanation in this article.

    What Is the DoD Standard?

    The DoD standard is also known as theDoD 5220.22-m standard. It first came about in 1995 and was originally created for the US military (hence “DoD,” or “Department of Defense”). This dictated how data was erased from hard drives so that information was never compromised.

    Data 2

    According to this standard, the proper way to sanitize hard drives of data is to:

    1. Overwrite with binary zeroes
    2. Overwrite with binary ones
    3. Overwrite with a random bit pattern
    4. Verify the final overwrite

    If done correctly, this should prevent any entity from recovering the data that was intended to be erased.

    Because this standard offered a clear-cut way of data sanitation, it was quickly adopted across all industries.

    Why Does the DoD 5220.22-m Standard Matter?

    As you can see, the DoD 5220.22-m standard matters because you want to erase data completely when you’re done with it. Otherwise, you risk it falling into the wrong hands.

    Old devices

    This is especially important if you’re getting rid of devices and replacing them with new ones. Once the old devices leave your place of business, then it can be very easy for other parties to retrieve data on your hard drives.

    The Future of the DoD Wiping Standard

    Because organizations now use solid-state drives (SSDs) over regular hard drives, this has posed a problem with the DoD 5220.22-m standard. This is because SSDs use different methods of data storage, which make the DoD standard irrelevant.

    As a result, the industry-standard has shifted away from DoD 5220.22-m to NIST 800-88. Do note that this is just a set of guidelines and doesn’t offer certifications (the DoD standard doesn’t either). However, considering both the government and other programs look to NIST 800-88 instead of DoD 5220.22-m for data erasure guidelines, it should be ideal for your organization to follow it as well.

    Make Sure You Properly Erase Your Data

    Now you know what the DoD standard is and why it matters to your organization. If you use SSDs instead of hard drives, then you may want to erase your data according to NIST 800-88 instead. You can even opt to physically destroy your hard drives for optimal results.

    Data centar

    It may be in your company’s best interest to evaluate the different standards available and combine their methods with the physical destruction of data to protect whatever sensitive information you deal with.

    Did you enjoy this article about the DoD 5220.22 m standard? Then check out our other blog posts now.

    Join our newsletter

    Interesting articles about

    WordPress and internet security

    Stay in touch

    Articles about WordPress and Internet security

    Please enter a valid email address.
    Something went wrong. Please check your entries and try again.

    WordPress Security made easy

    Protect your website from hackers and malicious software.

    We won't spam you. Unsubscribe any time.

    Wait! Before you go!

    Get 10% discount for any WP Security Ninja plan!


    Subscribe to our newsletter for new releases, discounts and general WordPress Security news. Sprinkled with other interesting stuff :-)

    10% OFF

    Subscribe to our newsletter

    * We do not spam or share your email

    Discount on any Security Ninja plan

    and get

    Hi and welcome back :-)