/ NIST 800-88 compliance
NIST 800-88, done right. Every media class.
NIST SP 800-88 Rev. 1 is the de-facto standard for data sanitization. Most tools claim compliance; few honour it correctly across SSDs, NVMe and modern mobile platforms. Stenfox Orion selects the correct Clear or Purge method automatically per media type, verifies the result, and binds it into a signed certificate auditors can verify.
What you get
ATA Secure Erase
Issued for SATA SSDs that honour the command. Falls back to crypto-erase or destruction when the device misbehaves — Orion never silently passes.
NVMe Sanitize
NVMe drives use the protocol's native sanitize crypto-erase. Post-wipe verification confirms the namespace is gone, not just the LBA map.
HDD overwrite
Multi-pass overwrite per NIST Purge guidance for rotational media, with verification reads and bad-block accounting.
iOS / Android crypto-erase
Platform-native key destruction (iOS Effaceable Storage, Android Keystore + FRP, macOS Secure Token / FileVault) with AI-verified post-wipe state.
Verification mandatory
Every wipe re-reads sectors, queries device firmware and runs an AI visual check. Pass requires all three. No exceptions.
Failure routing
Devices that can't be safely purged are flagged for physical destruction and routed to a tracked shred bin. No quiet pass.
/ FAQ
Frequently asked questions
What is NIST SP 800-88 Rev. 1?
NIST Special Publication 800-88 Rev. 1, 'Guidelines for Media Sanitization', is the US National Institute of Standards and Technology's reference for how to sanitize digital media before disposal. It defines three levels — Clear, Purge and Destroy — and specifies the appropriate technique per media class. It is the standard most enterprise data-destruction contracts and most R2v3 / ADISA / ISO 27001 certifications reference.
What is the difference between Clear and Purge?
Clear protects against keyboard attacks: a simple overwrite or factory reset. Purge protects against laboratory attacks: cryptographic erase or vendor sanitize commands that destroy the data even against a forensic adversary. Orion defaults to Purge where the device and customer SLA allow, falling back to Clear only when policy requires it.
How does Orion handle SSDs and NVMe correctly under 800-88?
Overwrite alone is insufficient on flash media because wear-levelling hides physical blocks from the host. Orion uses the protocol-native sanitize commands — ATA Secure Erase for SATA, NVMe Sanitize crypto-erase for NVMe — then verifies that the namespace is genuinely destroyed. If a controller fails to honour the command, Orion routes the drive to physical destruction rather than silently passing.
Does Orion comply with 800-88 for iPhones, Macs and Android?
Yes. Modern Apple and Android devices store user data encrypted at rest; Purge is implemented by destroying the encryption keys (effectively crypto-erase). Orion issues the platform-native key-destruction call (iOS Effaceable Storage, FileVault Secure Token destruction, Android Keystore key purge with Factory Reset Protection), then runs an AI-verified post-wipe state check.
Will Orion's certificate satisfy an 800-88 audit?
Yes. The certificate records the device serial / IMEI, the NIST 800-88 sanitization level chosen (Clear or Purge), the specific technique applied (ATA Secure Erase, NVMe Sanitize, key destruction, multi-pass overwrite), the verification result, the operator identity and a tamper-evident signature. This is the exact evidence an 800-88-referencing auditor asks for.
/ Ready when you are
See Orion run a real lane.
A 30-minute working demo on your own device mix — phones, laptops, drives, anything. Bring your hardest unit.