Computers, Laptops & Tablets Accessories & Hardware What Is the CSEC ITSG-06 Method? Details on the Canada RCMP Standard By Tim Fisher General Manager, VP, Lifewire.com Tim Fisher has 30+ years' professional technology support experience. He writes troubleshooting content and is the General Manager of Lifewire. our editorial process Facebook Twitter LinkedIn Tim Fisher Updated December 20, 2018 Corbis / Getty Images Accessories & Hardware HDD & SSD Keyboards & Mice Monitors Cards Printers & Scanners Raspberry Pi Tweet Share Email CSEC ITSG-06 is a software-based data sanitization method used in some file shredder and data destruction programs to overwrite existing information on a hard drive or other storage devices. Erasing a hard drive using the CSEC ITSG-06 data sanitization method will prevent all software based file recovery methods from finding information on the drive and is also likely to prevent most hardware-based recovery methods from extracting information. What Does CSEC ITSG-06 Do? All data sanitization methods are similar, but what sets them apart from each other are the small details. For example, Write Zero is a method that only uses one pass of zeros. Gutmann overwrites the storage device with random characters, possibly up to dozens of times. However, the CSEC ITSG-06 data sanitization method is a little different in that it uses a combination of zeros and random characters, plus ones. It's usually implemented in the following way: Pass 1: Writes a one or zero.Pass 2: Writes the complement of the previously written character (e.g. one if Pass 1 was zero).Pass 3: Writes a random character and verifies the write. CSEC ITSG-06 is actually identical to the NAVSO P-5239-26 data sanitization method. It's also similar to DoD 5220.22-M except that, as you see above, it doesn't verify the first two writes as DoD 5220.22-M does. Most programs that use the CSEC ITSG-06 method let you customize the passes. For example, you might be able to add a fourth pass of more random characters. However, if you change the method away from how it's described above, you'll no longer be using CSEC ITSG-06. For example, if you customize it to add a verification after the first two passes, you've moved away from CSEC ITSG-06 and built DoD 5220.22-M instead. Programs That Support CSEC ITSG-06 You don't see the CSEC ITSG-06 data sanitization method implemented by name in many data destruction programs but as we said above, it's awfully similar to other methods like NAVSO P-5239-26 and DoD 5220.22-M. However, one program that does use CSEC ITSG-06 is Active KillDisk, but it's not free to use. Another is WhiteCanyon WipeDrive, but only the Small Business and Enterprise versions. Most data destruction programs support multiple data sanitization methods in addition to CSEC ITSG-06. If you open one of the programs just mentioned, you'll have the option to use CSEC ITSG-06 but also several other data wipe methods, which is great if you later decide to use a different method or if you prefer to run multiple data sanitization methods on the same data. Even though there aren't many programs that advertise their support for CSEC ITSG-06, some data destruction applications let you build your own custom wipe method. This means you can replicate the passes from above to make something that matches or closely resembles the CSEC ITSG-06 method even if it's not apparent that it's supported. CBL Data Shredder is one example of a program that lets you build custom wipe methods. More About CSEC ITSG-06 The CSEC ITSG-06 sanitization method was originally defined in Section 2.3.2 of IT Security Guidance 06: Clearing and Declassifying Electronic Data Storage Devices, published by Communication Security Establishment Canada (CSEC). CSEC ITSG-06 replaced RCMP TSSIT OPS-II as Canada's data sanitization standard. CSEC also recognizes Secure Erase as an approved method of sanitizing data.