Secure Erasure Methods for Cloud Customers Using Volume Storage

D.

Cryptographic erasure is a secure method to destroy data by destroying the keys that were used to encrypt it.

This method is universally available for volume storage on IaaS and is also extremely quick.

Shredding, degaussing, and demagnetizing are all physically destructive methods that would not be permitted within a cloud environment using shared resources.

When it comes to securely erasing data from cloud storage, regulatory requirements may dictate specific methods to be used. In this case, the question asks which secure erasure methods are available to a cloud customer using volume storage within the IaaS service model.

A. Demagnetizing: This method involves exposing magnetic media to a magnetic field that is strong enough to erase the data on the storage medium. However, this method is not applicable to cloud storage since it's not a physical device.

B. Shredding: Shredding involves destroying physical storage devices such as hard drives, CDs or DVDs. This method is also not applicable to cloud storage since it's not a physical device.

C. Degaussing: Degaussing is a method of erasing data on magnetic media by exposing the media to a magnetic field that neutralizes the magnetic domains on the media. However, degaussing is not applicable to cloud storage since it's not a physical device.

D. Cryptographic erasure: This method involves using cryptographic techniques to render the data on the storage medium unreadable. Cryptographic erasure is a common method used to securely erase data from cloud storage. When data is encrypted, it is transformed into an unreadable format that can only be decrypted with a key. When the key is destroyed or overwritten, the data becomes permanently unreadable.

Therefore, the answer is D. Cryptographic erasure is a secure method that can comply with regulatory requirements for securely erasing data from cloud storage.