What is the HMG IS5 Method?

Details on the HMG IS5 Data Wipe Method

A top secret document being shredded
Image Source / Getty Images

HMG IS5 (Infosec Standard 5) is a software based data sanitization method used in some file shredder and data destruction programs to overwrite existing information on a hard drive or other storage device.

Erasing a hard drive using the HMG IS5 data sanitization method will prevent all software based file recovery methods from finding information on the drive and is also likely to prevent most hardware based recovery methods from extracting information.

This data wipe method actually comes in two similar versions - HMG IS5 Baseline and HMG IS5 Enhanced. I explain their differences below, as well as some programs that utilize this data sanitization method.

What Does the HMG IS5 Wipe Method Do?

Some data wipe methods only write a zero over the data, like with Write Zero. Others like Random Data only use random characters. However, HMG IS5 is a little different because it combines the two.

The HMG IS5 Baseline data sanitization method is usually implemented in the following way:

  • Pass 1: Writes a zero
  • Pass 2: Writes a random character and verifies the write

This is how HMG IS5 Enhanced normally works:

  • Pass 1: Writes a zero
  • Pass 2: Writes a one
  • Pass 3: Writes a random character and verifies the write

HMG IS5 Enhanced is almost identical the popular DoD 5220.22-M data sanitization method except that the first two passes don't require a verification.

It's also very similar to CSEC ITSG-06, which writes either a one or zero for the first two passes and then finishes with a random character and verification.

When a verification is required with an HMG IS5 pass, it means that the program needs to verify that the data was actually overwritten. If the verification fails, the program will most likely redo that pass or give you a notification that it didn't complete properly.

Note: Some data destruction programs and file shredders let you create your own custom wipe method. For example, you can add one pass of random characters and then three passes of zeros, or whatever you like. Therefore, you might be able to select HMG IS5 and then make a few changes to it to make it your own. However, any wipe method that differs from what's explained above is technically no longer HMG IS5.

Programs That Support HMG IS5

Eraser, Disk Wipe, and Delete Files Permanently are a few free applications that let you erase data using the HMG IS5 data sanitization method. Other programs like these exist too, but they're either not free or are only free during a trial period, like KillDisk.

Like I said above, some programs let you build your own data sanitization method. If you have a program that supports custom methods but it doesn't seem to let you use HMG IS5, you might be able to make one that's similar using the same passes I described in the previous section.

Most data destruction programs support multiple data sanitization methods in addition to HMG IS5. This means you can open one of these programs, like the ones I liked to above, and choose a different data sanitization method if you later decide to use something other than HMG IS5.

More About HMG IS5

The HMG IS5 sanitization method was originally defined in the HMG IA/IS 5 Secure Sanitisation of Protectively Marked Information or Sensitive Information document, published by the Communications-Electronics Security Group (CESG), part of the UK Government Communications Headquarters (GCHQ).