Disposal of Disk and Tape Data by Secure Sanitization

User data is often unprotected on disk and tape drives or not erased when no longer needed, creating data security vulnerabilities that many computer users are unaware of. Federal and state laws require data sanitization, which comprises a variety of data eradication methods. Secure sanitization ref...

Full description

Saved in:
Bibliographic Details
Published in:IEEE security & privacy 2009-07, Vol.7 (4), p.29-34
Main Authors: Hughes, Gordon F., Coughlin, Tom, Commins, Daniel M.
Format: Magazinearticle
Language:English
Subjects:
ANSI
Commands
Computer information security
Computer programs
Cryptography
data encryption
Data privacy
data sanitization
Data security
degaussing
Disk drives
Disk recording
Disks
Drives
enhanced secure erase
File systems
FIPS 140
Guidelines
information resource management
Laws
legal
Linux
mass storage
NIST
NIST 800-88
Open source software
secure erase
security and privacy protection
Software
storage management
Trusted Computing Group
World Wide Web
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:User data is often unprotected on disk and tape drives or not erased when no longer needed, creating data security vulnerabilities that many computer users are unaware of. Federal and state laws require data sanitization, which comprises a variety of data eradication methods. Secure sanitization refers to methods meeting those federal and state laws. Companies that fail to meet these laws can be subject to fines of 5 million, and individuals can be imprisoned for up to 10 years. Physical destruction of storage devices offers the highest security. But executing the disk drive internal secure-erase command also offers a higher security level than external-block-overwrite software, according to federal guideline NIST 800-88. Recent disk drives with internal full disk encryption now implement an enhanced secure-erase command that takes only milliseconds to complete.
ISSN:1540-7993
1558-4046
DOI:10.1109/MSP.2009.89