What Is the NZSIT 402 Method?

Details on the NZSIT 402 Data Wipe Method

NZSIT 402 is a software-based data sanitization method that's used as the standard wipe method by the New Zealand government and any contractor or consultant that provides services to the government.

Erasing a hard drive using the NZSIT 402 data sanitization method will prevent all software-based file recovery methods from lifting information from the hard drive and is also likely to prevent most hardware-based recovery methods from extracting information.

We keep a list of file shredder and data destruction programs that can be used to overwrite existing information on a hard drive or other storage device.

Picture of a hand erasing equations on a chalkboard
Jeffrey Coolidge / Stone / Getty Images

This sanitization method is oftentimes written with a hyphen like NZSIT-402.

What Does the NZSIT 402 Wipe Method Do?

The NZSIT 402 data sanitization method is typically implemented in the following way:

  • Pass 1: Writes a random character and verifies the write

This means that, like the Random Data and Gutmann method, NZSIT 402 just writes a random character over every piece of information on the device. These are different than other wipe methods like Write Zero, which just uses zeros.

To pass the NZSIT 402 policy defined by the New Zealand government, the software must also check to make sure that everything has actually been overwritten, which is the "verify" part of the method. This is clearly stated in the document linked below:

When sanitizing media, it is necessary to read back the contents of the media to verify that the overwrite process completed successfully.

Other data sanitization methods that are extremely similar to NZSIT 402 include ISM 6.2.92, HMG IS5, CSEC ITSG-06, NAVSO P-5239-26, and RCMP TSSIT OPS-II. Each of these methods writes a random character and then finishes by verifying the write.

It's possible that a program that uses NZSIT 402 will let you make more than one pass over the drive, or it will do so automatically, like what you see when the Pfitzner method is used. This just means that it will do the exact same thing one more time (or 10 more times, etc.). Additional passes just mean that a random character (or whatever character the method uses) is written over an already-randomized piece of information.

If the software you're using doesn't support multiple passes, you could simply run the method again as many times as you like. This is true for NZSIT 402 as well as any other data sanitization method that you're using.

Programs That Support NZSIT 402

The only program we know of that explicitly states that it uses the NZSIT 402 method to erase data is Extreme Protocol Solutions' XErase software, but only the trial is free to use.

However, there are several free programs that support erasure methods that both write random characters to the drive and then verifies that the drive has been overwritten. Eraser, Disk Wipe, WipeFile, Privazer and Delete Files Permanently are a few.

These programs and most other data destruction programs provide the ability to use more than just one data sanitization method, so you can usually use them to run other data wipe methods, too.

Is NZSIT 402 Better Than Other Data Wipe Methods?

The answer to this question depends entirely on what you want to use the data sanitization method for, and if there are any requirements that must be met when you're erasing the data. For most people, however, NZSIT 402 is just as good as any other method.

Since data recovery programs most likely can't recover any data from a drive that's been overwritten with random data, you're equally safe using NZSIT 402 versus any other similar wipe method, like the ones mentioned above.

You can be confident that the data has been appropriate overwritten so long as the software reports back that the verification finished successfully. This is true for any wipe method, not just NZSIT 402.

However, something else to consider is standards. If you're erasing the hard drive for business purposes or some other reason in which a particular wipe method must be used, don't settle on something that isn't approved.

For example, if you're told that you have to have the data overwritten with more than one pass, you're better off using a different random data wipe method that actually utilizes multiple passes.

More About NZSIT 402

The NZSIT 402 (plus 400 and 401) sanitization method was originally defined in the New Zealand Security of Information Technology (NZSIT) manual. The latest version of NZSIT 402 replaced the previous policy in 2010 and has been defined in the New Zealand Information Security Manual (NZISM).

You can download the newest publication in the PDF format from the New Zealand Government Communications Security Bureau (GCSB) website. The newest version is NZISM February 2020 v3.3 and replaces NZISM December 2018 v3.2 and every other previous manual.

The Updates page details what's new in the February 2020 manual. You can find previously published NZISM versions here.