Loading…
Disposal of Disk and Tape Data by Secure Sanitization
User data is often unprotected on disk and tape drives or not erased when no longer needed, creating data security vulnerabilities that many computer users are unaware of. Federal and state laws require data sanitization, which comprises a variety of data eradication methods. Secure sanitization ref...
Saved in:
| Published in: | IEEE security & privacy 2009-07, Vol.7 (4), p.29-34 |
|---|---|
| Main Authors: | , , |
| Format: | Magazinearticle |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c313t-b090adf9b4c433f34e8c9ca86345d7e437755d75c1d3989896bbed2c17fdcdb73 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c313t-b090adf9b4c433f34e8c9ca86345d7e437755d75c1d3989896bbed2c17fdcdb73 |
| container_end_page | 34 |
| container_issue | 4 |
| container_start_page | 29 |
| container_title | IEEE security & privacy |
| container_volume | 7 |
| creator | Hughes, Gordon F. Coughlin, Tom Commins, Daniel M. |
| description | User data is often unprotected on disk and tape drives or not erased when no longer needed, creating data security vulnerabilities that many computer users are unaware of. Federal and state laws require data sanitization, which comprises a variety of data eradication methods. Secure sanitization refers to methods meeting those federal and state laws. Companies that fail to meet these laws can be subject to fines of 5 million, and individuals can be imprisoned for up to 10 years. Physical destruction of storage devices offers the highest security. But executing the disk drive internal secure-erase command also offers a higher security level than external-block-overwrite software, according to federal guideline NIST 800-88. Recent disk drives with internal full disk encryption now implement an enhanced secure-erase command that takes only milliseconds to complete. |
| doi_str_mv | 10.1109/MSP.2009.89 |
| format | magazinearticle |
| fullrecord | <record><control><sourceid>proquest_ieee_</sourceid><recordid>TN_cdi_ieee_primary_5189559</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5189559</ieee_id><sourcerecordid>1671395952</sourcerecordid><originalsourceid>FETCH-LOGICAL-c313t-b090adf9b4c433f34e8c9ca86345d7e437755d75c1d3989896bbed2c17fdcdb73</originalsourceid><addsrcrecordid>eNpd0M9LwzAUB_AgCs7pyaOX4EmQzqRJmryjbP6CicLmOaRpCp1dU5P2MP96MyYe5B3e9_Dh8fgidEnJjFICd6-r91lOCMwUHKEJFUJlnPDieJ85ySQAO0VnMW4IySkVaoLEoom9j6bFvsYpf2LTVXhteocXZjC43OGVs2NweGW6Zmi-zdD47hyd1KaN7uJ3T9HH48N6_pwt355e5vfLzDLKhqwkQExVQ8ktZ6xm3CkL1qiCcVFJx5mUIgVhacVApSnK0lW5pbKubFVKNkU3h7t98F-ji4PeNtG6tjWd82PUtJCUgQCRJ3r9j278GLr0nQaas4JzxhO6PSAbfIzB1boPzdaEnaZE7xvUqUG9b1ArSPrqoBvn3J8UVIEQwH4AtZFqHA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>magazinearticle</recordtype><pqid>912364434</pqid></control><display><type>magazinearticle</type><title>Disposal of Disk and Tape Data by Secure Sanitization</title><source>IEEE Xplore (Online service)</source><creator>Hughes, Gordon F. ; Coughlin, Tom ; Commins, Daniel M.</creator><creatorcontrib>Hughes, Gordon F. ; Coughlin, Tom ; Commins, Daniel M.</creatorcontrib><description>User data is often unprotected on disk and tape drives or not erased when no longer needed, creating data security vulnerabilities that many computer users are unaware of. Federal and state laws require data sanitization, which comprises a variety of data eradication methods. Secure sanitization refers to methods meeting those federal and state laws. Companies that fail to meet these laws can be subject to fines of 5 million, and individuals can be imprisoned for up to 10 years. Physical destruction of storage devices offers the highest security. But executing the disk drive internal secure-erase command also offers a higher security level than external-block-overwrite software, according to federal guideline NIST 800-88. Recent disk drives with internal full disk encryption now implement an enhanced secure-erase command that takes only milliseconds to complete.</description><identifier>ISSN: 1540-7993</identifier><identifier>EISSN: 1558-4046</identifier><identifier>DOI: 10.1109/MSP.2009.89</identifier><identifier>CODEN: ISPMCN</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>ANSI ; Commands ; Computer information security ; Computer programs ; Cryptography ; data encryption ; Data privacy ; data sanitization ; Data security ; degaussing ; Disk drives ; Disk recording ; Disks ; Drives ; enhanced secure erase ; File systems ; FIPS 140 ; Guidelines ; information resource management ; Laws ; legal ; Linux ; mass storage ; NIST ; NIST 800-88 ; Open source software ; secure erase ; security and privacy protection ; Software ; storage management ; Trusted Computing Group ; World Wide Web</subject><ispartof>IEEE security & privacy, 2009-07, Vol.7 (4), p.29-34</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2009</rights><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c313t-b090adf9b4c433f34e8c9ca86345d7e437755d75c1d3989896bbed2c17fdcdb73</citedby><cites>FETCH-LOGICAL-c313t-b090adf9b4c433f34e8c9ca86345d7e437755d75c1d3989896bbed2c17fdcdb73</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/5189559$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>780,784,27925,54796</link.rule.ids></links><search><creatorcontrib>Hughes, Gordon F.</creatorcontrib><creatorcontrib>Coughlin, Tom</creatorcontrib><creatorcontrib>Commins, Daniel M.</creatorcontrib><title>Disposal of Disk and Tape Data by Secure Sanitization</title><title>IEEE security & privacy</title><addtitle>SECP-M</addtitle><description>User data is often unprotected on disk and tape drives or not erased when no longer needed, creating data security vulnerabilities that many computer users are unaware of. Federal and state laws require data sanitization, which comprises a variety of data eradication methods. Secure sanitization refers to methods meeting those federal and state laws. Companies that fail to meet these laws can be subject to fines of 5 million, and individuals can be imprisoned for up to 10 years. Physical destruction of storage devices offers the highest security. But executing the disk drive internal secure-erase command also offers a higher security level than external-block-overwrite software, according to federal guideline NIST 800-88. Recent disk drives with internal full disk encryption now implement an enhanced secure-erase command that takes only milliseconds to complete.</description><subject>ANSI</subject><subject>Commands</subject><subject>Computer information security</subject><subject>Computer programs</subject><subject>Cryptography</subject><subject>data encryption</subject><subject>Data privacy</subject><subject>data sanitization</subject><subject>Data security</subject><subject>degaussing</subject><subject>Disk drives</subject><subject>Disk recording</subject><subject>Disks</subject><subject>Drives</subject><subject>enhanced secure erase</subject><subject>File systems</subject><subject>FIPS 140</subject><subject>Guidelines</subject><subject>information resource management</subject><subject>Laws</subject><subject>legal</subject><subject>Linux</subject><subject>mass storage</subject><subject>NIST</subject><subject>NIST 800-88</subject><subject>Open source software</subject><subject>secure erase</subject><subject>security and privacy protection</subject><subject>Software</subject><subject>storage management</subject><subject>Trusted Computing Group</subject><subject>World Wide Web</subject><issn>1540-7993</issn><issn>1558-4046</issn><fulltext>true</fulltext><rsrctype>magazinearticle</rsrctype><creationdate>2009</creationdate><recordtype>magazinearticle</recordtype><recordid>eNpd0M9LwzAUB_AgCs7pyaOX4EmQzqRJmryjbP6CicLmOaRpCp1dU5P2MP96MyYe5B3e9_Dh8fgidEnJjFICd6-r91lOCMwUHKEJFUJlnPDieJ85ySQAO0VnMW4IySkVaoLEoom9j6bFvsYpf2LTVXhteocXZjC43OGVs2NweGW6Zmi-zdD47hyd1KaN7uJ3T9HH48N6_pwt355e5vfLzDLKhqwkQExVQ8ktZ6xm3CkL1qiCcVFJx5mUIgVhacVApSnK0lW5pbKubFVKNkU3h7t98F-ji4PeNtG6tjWd82PUtJCUgQCRJ3r9j278GLr0nQaas4JzxhO6PSAbfIzB1boPzdaEnaZE7xvUqUG9b1ArSPrqoBvn3J8UVIEQwH4AtZFqHA</recordid><startdate>20090701</startdate><enddate>20090701</enddate><creator>Hughes, Gordon F.</creator><creator>Coughlin, Tom</creator><creator>Commins, Daniel M.</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>7SP</scope><scope>F28</scope><scope>FR3</scope></search><sort><creationdate>20090701</creationdate><title>Disposal of Disk and Tape Data by Secure Sanitization</title><author>Hughes, Gordon F. ; Coughlin, Tom ; Commins, Daniel M.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c313t-b090adf9b4c433f34e8c9ca86345d7e437755d75c1d3989896bbed2c17fdcdb73</frbrgroupid><rsrctype>magazinearticle</rsrctype><prefilter>magazinearticle</prefilter><language>eng</language><creationdate>2009</creationdate><topic>ANSI</topic><topic>Commands</topic><topic>Computer information security</topic><topic>Computer programs</topic><topic>Cryptography</topic><topic>data encryption</topic><topic>Data privacy</topic><topic>data sanitization</topic><topic>Data security</topic><topic>degaussing</topic><topic>Disk drives</topic><topic>Disk recording</topic><topic>Disks</topic><topic>Drives</topic><topic>enhanced secure erase</topic><topic>File systems</topic><topic>FIPS 140</topic><topic>Guidelines</topic><topic>information resource management</topic><topic>Laws</topic><topic>legal</topic><topic>Linux</topic><topic>mass storage</topic><topic>NIST</topic><topic>NIST 800-88</topic><topic>Open source software</topic><topic>secure erase</topic><topic>security and privacy protection</topic><topic>Software</topic><topic>storage management</topic><topic>Trusted Computing Group</topic><topic>World Wide Web</topic><toplevel>online_resources</toplevel><creatorcontrib>Hughes, Gordon F.</creatorcontrib><creatorcontrib>Coughlin, Tom</creatorcontrib><creatorcontrib>Commins, Daniel M.</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Xplore (Online service)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Electronics & Communications Abstracts</collection><collection>ANTE: Abstracts in New Technology & Engineering</collection><collection>Engineering Research Database</collection><jtitle>IEEE security & privacy</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Hughes, Gordon F.</au><au>Coughlin, Tom</au><au>Commins, Daniel M.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Disposal of Disk and Tape Data by Secure Sanitization</atitle><jtitle>IEEE security & privacy</jtitle><stitle>SECP-M</stitle><date>2009-07-01</date><risdate>2009</risdate><volume>7</volume><issue>4</issue><spage>29</spage><epage>34</epage><pages>29-34</pages><issn>1540-7993</issn><eissn>1558-4046</eissn><coden>ISPMCN</coden><abstract>User data is often unprotected on disk and tape drives or not erased when no longer needed, creating data security vulnerabilities that many computer users are unaware of. Federal and state laws require data sanitization, which comprises a variety of data eradication methods. Secure sanitization refers to methods meeting those federal and state laws. Companies that fail to meet these laws can be subject to fines of 5 million, and individuals can be imprisoned for up to 10 years. Physical destruction of storage devices offers the highest security. But executing the disk drive internal secure-erase command also offers a higher security level than external-block-overwrite software, according to federal guideline NIST 800-88. Recent disk drives with internal full disk encryption now implement an enhanced secure-erase command that takes only milliseconds to complete.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/MSP.2009.89</doi><tpages>6</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1540-7993 |
| ispartof | IEEE security & privacy, 2009-07, Vol.7 (4), p.29-34 |
| issn | 1540-7993 1558-4046 |
| language | eng |
| recordid | cdi_ieee_primary_5189559 |
| source | IEEE Xplore (Online service) |
| subjects | ANSI Commands Computer information security Computer programs Cryptography data encryption Data privacy data sanitization Data security degaussing Disk drives Disk recording Disks Drives enhanced secure erase File systems FIPS 140 Guidelines information resource management Laws legal Linux mass storage NIST NIST 800-88 Open source software secure erase security and privacy protection Software storage management Trusted Computing Group World Wide Web |
| title | Disposal of Disk and Tape Data by Secure Sanitization |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-26T15%3A48%3A33IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Disposal%20of%20Disk%20and%20Tape%20Data%20by%20Secure%20Sanitization&rft.jtitle=IEEE%20security%20&%20privacy&rft.au=Hughes,%20Gordon%20F.&rft.date=2009-07-01&rft.volume=7&rft.issue=4&rft.spage=29&rft.epage=34&rft.pages=29-34&rft.issn=1540-7993&rft.eissn=1558-4046&rft.coden=ISPMCN&rft_id=info:doi/10.1109/MSP.2009.89&rft_dat=%3Cproquest_ieee_%3E1671395952%3C/proquest_ieee_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c313t-b090adf9b4c433f34e8c9ca86345d7e437755d75c1d3989896bbed2c17fdcdb73%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=912364434&rft_id=info:pmid/&rft_ieee_id=5189559&rfr_iscdi=true |