DEV Community

Grujowmi

SecureWipe: ANSSI and NIST-compliant secure disk erasure, because rm -rf isn't enough

In a medical environment subject to HDS (French healthcare data hosting regulations) and NIS2, decommissioning a hard drive is not a trivial operation. A rm -rf or even a quick format doesn't destroy data — it just dereferences the files. The data remains physically present and recoverable. I built SecureWipe to have an auditable erasure tool, compliant with recognized standards, and usable without friction in a real operational context.

Why not just use shred, wipe, or DBAN?

These tools exist and work. But they come with real problems in a professional context:

  • No native traceability: no usable erasure report for an audit or a documented decommissioning procedure
  • Vague compliance: shred does random passes, but doesn't align with any specific standard (ANSSI, NIST)
  • DBAN has been end-of-life since 2015, replaced by Blancco, which is commercial
  • No integration into existing Python workflows

SecureWipe addresses these gaps: written in Python, it documents every operation and implements referenced erasure methods.

Implemented standards

ANSSI Tier 1 and Tier 2

The French national cybersecurity agency (ANSSI) defines two levels in its data destruction guide:

  • Tier 1: logical erasure by overwrite (1 pass of zeros or random data). Sufficient for most internal decommissioning cases.
  • Tier 2: enhanced erasure with multiple passes and verification. Required for media that held sensitive or classified data.

NIST SP 800-88 Rev.2

The U.S. reference standard for media sanitization. It defines three levels: Clear, Purge, and Destroy. SecureWipe covers the Clear and Purge levels depending on the media type and data sensitivity.

What SecureWipe does

SecureWipe v1.1.0
├── Automatic detection of available disks
├── Erasure level selection (ANSSI T1 / ANSSI T2 / NIST Clear / NIST Purge)
├── Overwrite passes execution with verification
├── Generation of a timestamped erasure report
└── Operation logging (disk, method, duration, result)

The generated report can be used directly in a decommissioning file or handed to a destruction vendor to complete the audit trail.

Usage example

# ANSSI Tier 2 erasure on /dev/sdb
sudo python3 securewipe.py --device /dev/sdb --method anssi-t2

# NIST Purge erasure with report generation
sudo python3 securewipe.py --device /dev/sdb --method nist-purge --report

The script refuses to run without elevated privileges and requires explicit confirmation with the device name before doing anything — no accidental wipes.
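To make the "overwrite passes with verification, then report" flow concrete, here is an added example that is not SecureWipe's own code: it applies the ANSSI Tier 1 or Tier 2 pass sequence to a target, reads every byte back to verify the final pass, and returns the kind of timestamped report described above. The method names are taken from the post, but the pass patterns, the function names (wipe_with_report, _overwrite, _verify) and the confirm-by-retyping-the-path check are assumptions; run it only against a scratch file standing in for a block device.

```python
import os
import time
from datetime import datetime, timezone

# Pass lists per method (assumed patterns, not SecureWipe's own); None = random data.
METHODS = {
    "anssi-t1": [b"\x00"],                 # Tier 1: one pass of zeros
    "anssi-t2": [b"\xff", None, b"\x00"],  # Tier 2: ones, random, zeros, then verify
}
CHUNK = 1 << 20  # 1 MiB per write/read

def _overwrite(fd, size, pattern):
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        remaining -= os.write(fd, os.urandom(n) if pattern is None else pattern * n)
    os.fsync(fd)  # make sure this pass reached the medium before the next one

def _verify(fd, size, pattern):
    # Read back every byte and confirm it carries the final pass pattern.
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        data = os.read(fd, min(CHUNK, remaining))
        if not data or data != pattern * len(data):
            return False
        remaining -= len(data)
    return True

def wipe_with_report(path, method, confirm):
    """Overwrite `path` with the chosen method, verify, and return an audit report."""
    if confirm != path:  # the operator must retype the device name (assumed check)
        raise PermissionError("confirmation must repeat the target path")
    passes = METHODS[method]
    start = time.monotonic()
    fd = os.open(path, os.O_RDWR)
    try:
        size = os.lseek(fd, 0, os.SEEK_END)  # works for regular files and block devices
        for p in passes:
            _overwrite(fd, size, p)
        ok = _verify(fd, size, passes[-1])
    finally:
        os.close(fd)
    return {"device": path, "method": method, "bytes": size, "passes": len(passes),
            "verified": ok, "result": "success" if ok else "verification failed",
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "duration_s": round(time.monotonic() - start, 3)}
```

The returned dict is what a decommissioning file needs (device, method, date, result); serialize it with json.dumps to get the written report.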

Why Python?

Python ships natively on all common Linux distributions and maintenance live USB environments. No dependency to compile, no binary to distribute, code that's directly readable and auditable.

For a security tool designed to run in critical contexts (end-of-life medical server, hardware returned to a vendor), code transparency is a non-negotiable requirement.

Creation context: HDS and NIS2

In a healthcare facility, decommissioning a storage medium that held health data (EHR, PACS, RIS data) is a regulated operation:

  • HDS mandates traceability of the destruction of hosted data
  • NIS2 Article 21 covers asset lifecycle management, including secure decommissioning
  • Internal ISMS/PSSI procedures must document the erasure method used

SecureWipe generates exactly what you need to check that box: a timestamped report stating the applied method, the device, the date, and the result.

Known limitations

  • SSDs and NVMe: overwrite-based erasure is less reliable on flash media due to wear leveling and spare cells. On these drives, the recommended approach is NVMe Secure Erase (via nvme format) or physical destruction. SecureWipe flags this explicitly.
  • Encrypted drives: if the drive is encrypted (LUKS, BitLocker), destroying the encryption key plus one overwrite pass is generally sufficient. SecureWipe can be used as a complement.

License and contributions

Project released under the GPLv3, code available on GitHub.

Contributions welcome: native NVMe Secure Erase support, TUI interface, integration into Ansible decommissioning playbooks.

github.com/Grujowmi/SecureWipe

Built from a real operational need, in a medical environment under HDS and NIS2 compliance and similar regulations. If you manage end-of-life assets in a regulated sector, feedback in the comments is very welcome.
