What's Hot

    Foods To Avoid If You Have An Enlarged Prostate

    June 3, 2023

    From Drab to Fab: Transform Your Bathroom with These Plumbing DIYs

    May 30, 2023

    What are the Benefits of Bed Bug Heat Treatment

    May 30, 2023
    Facebook Twitter Instagram
    Facebook Twitter Instagram
    pixelion.net
    Subscribe
    • Home
    • News

      From Drab to Fab: Transform Your Bathroom with These Plumbing DIYs

      May 30, 2023

      How Freight Forwarders Can Reduce Costs and Improve Efficiency with Automation?

      March 16, 2023

      Ways to acquire more likes on Instagram

      March 2, 2023

      Get your seafood delivered to your place instantly

      February 1, 2023

      Use Spytector as the best keylogger to boost employee productivity!

      January 22, 2023
    • Arts
      1. Fashion
      2. Lifestyle
      3. Home Improvement
      4. View All

      5 interesting facts about gemstone jewelry

      January 20, 2023

      All the information you need to make the best bra choice

      November 29, 2022

      Top Dress Trends for Mothers of the Brides

      November 21, 2022

      Latest Apparel Homewares Accessibility Online with Safe and Secure Delivery

      October 14, 2022

      The Rise Of Metallic Temporary Tattoos: Trends And Styles

      April 17, 2023

      Eid Outfit Ideas For Women – What To Wear?

      April 12, 2023

      Humor on the Internet. Why do we like to laugh?

      March 31, 2023

      Did Yasser Arafat used taweez to become a great leader

      November 3, 2022

      Get a complete home security solution for your home

      May 30, 2023

      Several Households in the US Earning Over $150,000 Still Prefer Rented Homes

      March 14, 2023

      Everything You Need To Know About Plumber’s Putty & Garbage Disposals

      January 14, 2023

      Air Or Ground Heat Pump: What Is Best For You?

      January 14, 2023

      Get a complete home security solution for your home

      May 30, 2023

      The Rise Of Metallic Temporary Tattoos: Trends And Styles

      April 17, 2023

      Eid Outfit Ideas For Women – What To Wear?

      April 12, 2023

      Humor on the Internet. Why do we like to laugh?

      March 31, 2023
    • Business
      1. Digital Marketing
      2. Insurance
      3. View All

      How to Create a Result-driven Google AdWords Campaign?

      January 4, 2023

      How to Become Successful in Digital Marketing Industry

      November 11, 2022

      Increasing Website Ranking at Lighting Speed with High-End Local SEO Specialists in San Diego

      November 2, 2022

      Simple ways to use the power of persuasion in marketing

      June 30, 2022

      How will Modifications Affect My Car Insurance?

      March 24, 2023

      What are the Riders/Add-on Covers Available for Kotak Assured Savings Plan?

      October 18, 2022

      Secrets to Get a Bad Credit Car Loan Approval Revealed

      January 19, 2022

      UNVERIFIED DRIVING RECORD, INEXPERIENCED OPERATOR OR NO US LICENSE

      December 4, 2021

      When Are Private Mortgage Lenders In BC A Better Choice To Banks

      May 16, 2023

      What Flexibility Does a ULIP Plan Offer?

      May 2, 2023

      Benefits Of ASP.NET Development for Your Project

      May 1, 2023

      What Happens if You Get Caught Buying CC from eracvv?

      April 25, 2023
    • Entertainment

      Looking for Something to Watch? Check Out the Latest Web Series Online

      May 15, 2023

      Latest Movies & Web Series To Watch Before The Year Ends

      January 3, 2023

      The Ultimate Workout Song: Boost Your Motivation with “Ball for Me” by Post Malone

      January 2, 2023

      An Introduction To Classical Music Pioneer – Ludwig Van

      December 6, 2022

      Brec Bassinger Shines in DC’s Stargirl

      March 30, 2022
    • Health
      1. Fitness
      2. View All

      Prime 4 Benefits of Waxing

      November 30, 2022

      How to Take Care of Different Skin Types

      December 3, 2021

      How spinning made my day

      December 3, 2021

      How to Better your Brain’s Fitness: Ido Fishman

      December 3, 2021

      What are the Benefits of Bed Bug Heat Treatment

      May 30, 2023

      How To Remove A Mole From Your Face

      May 18, 2023

      Chronic Disease Management From HealthTap

      April 1, 2023

      A Complete Guide to Start a Medical Store Business

      February 21, 2023
    • Technology
      1. App
      2. Gadget
      3. Games
      4. SEO
      5. Software
      6. View All

      How to Download Videos from TikTok

      January 18, 2022

      Build Up Your Instagram Authority Using Insfollowers App

      December 2, 2021

      How online classes apps are making the world a better place.

      December 2, 2021

      Ten technology trends for the next decade

      December 2, 2021

      Transferring risky items from air freight

      December 4, 2021

      How to protect your IT gadgets at home from external virus attacks

      December 4, 2021

      Laptop Rental makes its status as The Most beneficial Gadget

      December 4, 2021

      Best Tech Gadgets to Upgrade Your Home

      December 4, 2021

      Play Online With a Variety of Games Available on the Internet

      October 28, 2022

      Baccarat recipe 2022, cash siphon 10,000 every day, direct site, fast withdrawal at fingertips

      March 6, 2022

      The sad end of FC Dnipro

      February 21, 2022

      How To Safely Play Casinos Online

      January 29, 2022

      The Advantages and Disadvantages of Doing Your Own SEO

      June 4, 2022

      WHY IS SEARCH ENGINE OPTIMISATION (SEO) IMPORTANT?

      March 24, 2022

      Digital Marketing Changes in 2022 updates

      December 3, 2021

      What is SEO and How to Optimise Your Website For High Search Engine Ranking

      December 3, 2021

      Electrician Bidding Software for Residential, Commercial, and Industrial projects

      February 14, 2023

      Here’s How You Can Improve The Employee Attendance For Better Payroll System

      February 14, 2023

      How Accounting Software Helps Contractors To Make Higher Profit? 

      February 14, 2023

      What is Continuous Localization?

      February 8, 2023

      Top Premium WooCommerce Themes for 2023

      May 16, 2023

      What is Web Hosting? 4 Web Hosting Types You Need to Know

      March 15, 2023

      Upgrade Your Vehicle With LED Brake Light Bulbs

      February 28, 2023

      The Importance of DevOps: Streamlining the Software Delivery Process

      February 23, 2023
    • World
      1. Education
      2. Foods
      3. Pets
      4. Travel
      5. View All

      Fun with Words

      January 24, 2023

      Physics Tuition for School Students in Coimbatore

      December 23, 2022

      Avoiding cyber bullying for students

      March 12, 2022

      What is EDA in Data Science?

      March 11, 2022

      Foods To Avoid If You Have An Enlarged Prostate

      June 3, 2023

      Ice Cream Maker Free Chocolate

      December 3, 2021

      Quinoa new recipes, feta & broad bean salad

      December 3, 2021

      At Value-Focused Hotels, the Free Breakfast Gets Bigger

      December 3, 2021

      Top Reptile Pets to Own

      June 28, 2022

      5 Reasons to Buy A Cat Shelf For Your Feline Friends

      December 4, 2021

      Which kind of rib bones dogs can eat?

      December 4, 2021

      8 Essential Products Necessary For New Pet Owners

      December 4, 2021

      The best attractions to visit while staying at Arizona luxury vacation rentals

      April 11, 2023

      Niagara Falls Party Bus Limousine Rental Service

      December 6, 2022

      Why You Need Hamilton Limousine Rentals?

      December 4, 2022

      3 Things That Make New Orleans So Interesting

      July 29, 2022

      Foods To Avoid If You Have An Enlarged Prostate

      June 3, 2023

      The best attractions to visit while staying at Arizona luxury vacation rentals

      April 11, 2023

      Fun with Words

      January 24, 2023

      Physics Tuition for School Students in Coimbatore

      December 23, 2022
    • Sports

      How to Choose a Winning Captain for your Fantasy Cricket Team

      May 17, 2023

      Watch Star Sports on TV in 4K, Here’s How!

      April 27, 2023

      Tips for Hosting an Amazing Sporting Event Party

      January 24, 2023

      Interesting facts about Cristiano Ronaldo

      January 4, 2023

      How To Make Real-Time Sports Broadcasting Work For You

      October 30, 2022
    Home»Technology»Five Steps to Planning Secure Data Sanitization & Disposition

    Five Steps to Planning Secure Data Sanitization & Disposition

    WashimBy WashimOctober 19, 2022Updated:October 20, 2022No Comments9 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Data is everywhere around us. Today, organizations are collecting and using more data than ever before  to drive growth. Global data storage is predicted to grow from 59 zettabytes in 2020 to more than 200 zettabytes by 2025, with half of this data forecasted to be stored in the cloud (for reference, a zettabyte is 1 billion terabytes or 1 trillion gigabytes).

    Along with rapid proliferation of data, organizations are also now dependent on complex and distributed data storage systems and more frequent hardware replacement events. These realities have created the need for frequent decommissions, refreshes and upgrades of tech assets.

    Why is Data Sanitization and Disposition Policy Important?

    Massive proliferation of data, complex data storage systems and system replacements make data systems sanitization and disposition planning an important requirement for businesses so they can protect their data, their clients and their reputation from unauthorized access. 

    What makes data sanitization disposition planning a complex process is that data storage systems are more distributed than ever. Data now spans multiple organizations, storage devices and storage media. The distributed system means potential risks exist throughout the data life-cycle in the shape of residual data on unsanitized media as data 

    So, how should organizations go about planning a secure end-of-life certified data destruction? 

    The Nation Institute of Standards & Technology (NIST) in its Special Publication 800-88 Revision 1 offers some steps to ensure a successful & secure data destruction plan.

    1. Step 1: Understand your storage media ecosystem – In order to ensure a complete assessment of vulnerable data storage, “the initial system requirements should include hardware and software specifications as well as interconnections and data flow documents that will assist the system owner in identifying the types of media used in the system,” recommends the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-188, Revision 1. 

    Hardware and software specifications as well as data interconnections have important bearing on the type of data sanitization and disposition standards. Important factors to consider include:

      • Understanding Complexity of Storage Systems – There are many layers in a storage system, including storage media and storage devices, which can complicate the data sanitization process. Sanitization of storage media follows a different protocol than sanitization of storage devices that are used to retrieve data. For instance, monitors, may have sensitive data “burned into the screen” (NIST SP 800-88 Rev 1) and may require a different sanitization procedure than sanitization of storage media. Therefore, understanding the storage system in your organization is an important first step in creating a sound data sanitization and disposition policy.
      • Organizing Storage Media by Type – Types of storage media can have important implications for the correct sanitization method to be applied. For instance, magnetic storage media or Hard Disk Drives (HDDs) need to be sanitized and disposed of differently than a flash memory-based storage media. Similarly, there’s optical media, such as CDs and DVDs, where data is written and read with a laser. Data sanitization of optical media usually involves removal of data bearing layers, and then incinerating or shredding the device. Having a clear organization of data bearing media and involved storage devices will help you plan for recommended sanitization protocols.
      • Cataloging Storage Media Details – Along with rapid technological advances in storage media, the sanitization technology is also evolving. It’s important to deploy the right sanitization standards for storage media from a compliance perspective. For instance, the current degaussing technology, that demagnetizes platters that store data in HDDs, is not effective on emerging solid state disks media. Similarly, if you have encrypted data stored on your systems, an emerging sanitization method, such as Cryptographic Erase (CE), may be a preferred method. 
      • Mapping interconnections –  Media flows in and out of organizational control through data migration projects, out to vendors for equipment repairs, and hot swapped into other systems in response to hardware or software failures. This potential vulnerability can be mitigated through proper understanding of how data is interconnected across owned, leased and retired media, so sanitization and decommissioning of one does not impact the uptime of other systems.

    2. Understand the risk hierarchy of storage systems – The NIST SP 800-88 Rev 1 advises that organizations map out their storage systems according to the level of concern about data breach rather than according to the probability of unauthorized access. A good reference source for proper organization by risk hierarchy is the Federal Information Processing Standard (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems.

    Generally speaking, the risk categorization should be recorded as follows:

      1. The level of impact is considered low if the loss of confidentiality, integrity (without modifications or destruction of information), and availability of data systems could result in a limited adverse effect on the organization.
      2. The level of impact is considered moderate if the loss of confidentiality, integrity, and availability of data could result in a serious adverse effect on the organization.
      3. The level of impact is considered high if the loss of confidentiality, integrity, and availability of data could result in a severe or catastrophic effect on the organization.

    As an example, SC contract information = {(confidentiality, MODERATE), (integrity, MODERATE), (availability, LOW)} indicates that the security categorization of contract information would have moderate impact on the organization due to loss of confidentiality, moderate impact on the organization due to loss of integrity, and low impact on the organization due to loss of availability.

    Categorizing data systems by risk hierarchy will allow you to develop more stringent sanitization for high impact systems.

    3. Define Data Disposition Policies According to Risk Hierarchy, Life Cycle and Storage Media Type – The sanitization and disposition paths for storage media & devices follow different paths based on risk to the organization from loss of confidentiality, integrity, and availability. The life cycle of storage systems, especially whether it is to be reused (internally or externally), recycled or returned also has important implications on the appropriate data sanitization policies. Finally, the type of storage system guides the selection of the most appropriate data sanitization method.

    As an example, data on magnetic storage media (storage media type) with a high risk security categorization (risk hierarchy), if reused internally within the organization (lifecycle stage), should be sanitized using overwrite methods. If the same data on the magnetic storage media is leaving the organization, it should be destroyed. 

    See an easy to follow infographic to understand the different data destruction methods by lifecycle stage  and disk type.

    4. Obtain Certification of Disposition – In most cases, organizations will incur substantial opportunity costs in moving their internal IT staff to oversee and implement a decommissioning project on their own. There are countless details and too many potential opportunities for failure for IT departments that do not have experience with these types of projects. Therefore, it is best to work with a trusted partner who has experience completing similar decommissioning projects. 

    When you partner with a vendor to provide data sanitization scope of work, ensure that the company is process-driven and provides clear documentation, records, and chain of custody. The NIST SP 800-88 recommends that a certificate of media disposition should be provided for each piece of media that has been sanitized and must include the following:

      • Manufacturer
      • Model
      • Serial Number
      • Organizationally Assigned Media or Property Number (if applicable)
      • Media Type (i.e., magnetic, flash memory, hybrid, etc.)
      • Media Source (i.e., user or computer the media came from)
      • Pre-Sanitization Confidentiality Categorization (optional)
      • Sanitization Description (i.e., Clear, Purge, Destroy)
      • Method Used (i.e., degauss, overwrite, block erase, crypto erase, etc.)
      • Tool Used (including version)
      • Verification Method (i.e., full, quick sampling, etc.)
      • Post-Sanitization Confidentiality Categorization (optional)
      • Post-Sanitization Destination (if known)
      • For Both Sanitization and Verification:
        • Name of Person
        • Position/Title of Person 
        • Date o Location 
        • Phone or Other Contact Information 
        • Signature

    5. Ensure verification and ongoing quality assurance – The final step to planning secure data sanitization and disposition requires verification of all equipment sanitized (when available), followed by a representative sampling verification. As part of the verification process, NIST SP 800-88 Rev 1 recommends: 

      1. Verification of Equipment – This should include equipment calibration, testing and scheduled maintenance information.
      2. Verification of Personnel Competencies – As the name indicates, organizations should ensure that personnel in charge (in-house or outsourced) should have the competencies to perform data sanitization functions. When outsourcing, enterprises must carefully scrutinize vendor credentials and certifications such as NAID AAA, insurance coverage, data breach notification policies, and the scope of the contract. 
      3. Verification of Results – If conducting a full verification of all sanitized equipment, a full reading of all accessible areas should be done to ensure sanitized values are present in all addressable locations. If verification is conducted via a representative sampling, ensure that random locations are selected across the addressable space on the storage media and verifications are done to check for the presence of sanitized values.

    Conclusion 

    The steps outlined above should help you develop, execute and validate appropriate data sanitization and disposition procedures. If you don’t have a policy in place, look for a data sanitization and disposition vendor that can help create you a compliant policy. 

    Sources: 

    1. NIST Special Publication 800-88 Revision 1: Guidelines for Media Sanitization
    2. FIPS PUB 199: Standards for Security Categorization of Federal Information and Information Systems
    3. 5 Data Destruction Tips from NIST 800-88
    4. Difference between a storage medium and a storage device
    5. A Guide to Types of Sensitive Information
    6. iSIGMA Guidelines Book (also includes data on GDPR)

    About the Author

    Sphaera (Greek – Sphere) is a trusted IT services partner that provides full lifecycle IT management to network service providers, enterprise data centers, and Fortune 2000 enterprises. With proven experience and expertise from design to decommission, Sphaera owns the complexity and risk when building & managing mission critical IT infrastructure and helps companies deploy critical wireless and IT infrastructure, enhance performance, align technologies with the needs of their business, and elevate the strength of internal IT departments to ensure technology is an enabler of business performance. 

    Sphaera is strategically headquartered in Hillsboro, OR, with major delivery hubs in the San Francisco Bay Area, Chicago, Atlanta, New York, Las Vegas, the “Texas Triangle”, and the Northern Virginia locales.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email
    Previous ArticleThe Largest Sizes of Powder Coating Ovens
    Next Article Muktupolis Sports Toto Betting Site
    Washim
    • Website

    Related Posts

    Top Premium WooCommerce Themes for 2023

    May 16, 2023

    What is Web Hosting? 4 Web Hosting Types You Need to Know

    March 15, 2023

    Upgrade Your Vehicle With LED Brake Light Bulbs

    February 28, 2023
    Add A Comment

    Leave A Reply Cancel Reply

    Recent Posts

    Foods To Avoid If You Have An Enlarged Prostate

    June 3, 2023

    From Drab to Fab: Transform Your Bathroom with These Plumbing DIYs

    May 30, 2023

    What are the Benefits of Bed Bug Heat Treatment

    May 30, 2023

    Get a complete home security solution for your home

    May 30, 2023
    Categories
    • All
    • App
    • Arts
    • Business
    • Digital Marketing
    • Education
    • Entertainment
    • Fashion
    • Fitness
    • Foods
    • Forex Review
    • Gadget
    • Games
    • Health
    • Home
    • Home Improvement
    • Insurance
    • Lifestyle
    • Movies
    • Music
    • News
    • Pets
    • SEO
    • Software
    • Software development
    • Sports
    • Technology
    • Tips and guide
    • Travel
    • World

    Pixelion is provide Technology, Business, Digital Marketing, Entertainment, Fashion, Pets, Foods, Games, Travels, Health, Lifestyle, Sports and Leading Web Magazine.

    We're social. Connect with us: support[at]gposting.com

    Facebook Twitter Instagram
    Latest Posts

    Foods To Avoid If You Have An Enlarged Prostate

    June 3, 2023

    From Drab to Fab: Transform Your Bathroom with These Plumbing DIYs

    May 30, 2023

    What are the Benefits of Bed Bug Heat Treatment

    May 30, 2023
    Top Categories
    • Fashion
    • Lifestyle
    • Business
    • Digital Marketing
    • Technology
    • Travel
    • Health
    • Entertainment
    • News
    • Sports
    • tutflix Free Education Community
    © Copyright 2021, All Rights Reserved
    • Home
    • Privacy Policy
    • Contact Us

    Type above and press Enter to search. Press Esc to cancel.