Media Sanitization  NIST 800-88 Guidance  Terms Defined  When is media under/not under your control?  Flowchart for decision making  Spreadsheet of.

Slides:



Advertisements
Similar presentations
Ali Baydoun1 Controllers (hard drive controllers).
Advertisements

COEN 252 Computer Forensics Hard Drive Geometry. Drive Geometry Basic Definitions: Track Sector Floppy.
Disposal of Disk and Tape Data by Secure Sanitization EECS711 : Security Management and Audit Spring 2010 Presenter : Sara Mohseni Instructor : Dr. Hossein.
Identification and Disposition of Official University Records University of Texas at Arlington Records Management.
The International Security Standard
2008 Issue 4 NOTE: All material in this document is the confidential property of Infortrend Technology, Inc. Permission to use this publication is granted.
Data Destruction and The Impact on Recycling. Data Breaches In 2012, over 26M records from 617 data breaches were made public Average costs: –$194 per.
Disclaimer Certain trade names and company products are mentioned in the text or identified. In no case does such identification imply recommendation.
NOAA Computer/Hard Drive Sanitization Validation Form and PDA/Cell Phone Destruction Worksheet.
1 Module 10 Managing Partitions. 2  Overview Partitioning a Disk Using Disk Administrator General Maintenance and Troubleshooting.
Media Sanitization How to get rid of unwanted data so no one else can get it.
Disk Clearing and Disk Sanitization
Computer File Management One of the most important aspects of our job is information maintenance.
Agenda Safe disposal practices for computers and information: –Removing files and folders –Disposing of computers –Disposing of other electronic devices.
More than just an end of life solution A Best Practice Solution for sanitizing hard drives during their entire lifecycle CRADLE REFRESHES  Storage transfers.
Hard Disk Drives. ATA is the current standard, it uses regular molex power connectors and IDE cables. SATA is a newer product (also SATA2 is already in.
A Quick Review of Unit 1 – Recognizing Computers Computing Fundamentals © CCI Learning Solutions.
Chapter 3: Storage Devices & Media ALYSSA BAO 1. 2 Solid State controls movements of electrons within a microchip Optical uses precision lasers to access.
Identify a few method to dispose of the hard drive of computers.
Secondary Storage Unit 013: Systems Architecture Workbook: Secondary Storage 1G.
STORAGE DEVICES AND MEDIA BY: T.MINH. Backing Up Data Refers to the copying of files and data to different medium in case of problem with the main storage.
National Property Management Association Disposing of Assets Containing Sensitive Information Kim Doner, CPPM SRA International.
 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.
Information Technology
Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Accounting Electronic Records Management Process Your Company Name Here. Confidential. Revision # ___. Date: _____ By: _______________ 1 1. Full Access.
HIPAA COMPLIANCE PROTECT INFORMATION INCREASE RECYCLING SAVE MONEY.
PRIVACY AND INFORMATION SECURITY ESSENTIALS Information Security Policy Essentials Melissa Short, IT Specialist Office of Cyber Security- Policy.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.
The 4 functions of a computer are 1.Input 2.Output 3.Storage 4.Processing.
Ecords Management Records Management Paul Smallcombe Records & Information Compliance Manager.
Media Sanitization at the Idaho National Laboratory Jonathan Bates NLIT 2009.
Used to request permission to remove parts from an existing piece of inventory Assumes that the original equipment is being removed from the departmental.
Preventing Common Causes of loss. Common Causes of Loss of Data Accidental Erasure – close a file and don’t save it, – write over the original file when.
Data Destruction Is it really gone? Donna Read Chris Parker Florida Gulf Coast ARMA Chapter April 2013.
2006 INCITS Technical Committee Officers Symposium Washington DC T13 ATA Storage Interface Dan Colegrove, Chairman.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2011 Lecture 11 09/27/2011 Security and Privacy in Cloud Computing.
Power Supplies. Takes electricity from the wall socket and transforms it into electricity to run the motherboard and other internal components.
COEN 252 Computer Forensics Hard Drive Geometry. Drive Geometry Basic Definitions: Track Sector Floppy.
Computer Foundations Dr. John P. Abraham Professor UTPA.
Slides copyright 2010 by Paladin Group, LLC used with permission by UMBC Training Centers, LLC.
Records Management: The Public Records Act, the Library of Virginia, and You Glenn Smith Records Management Analyst.
1 Software. 2 What is software ► Software is the term that we use for all the programs and data on a computer system. ► Two types of software ► Program.
1 Figure 10-4: Intrusion Detection Systems (IDSs) Actions  Alarms  Interactive analysis Manual event inspection of raw log file Pattern retrieval 
ISO/IEC 27001:2013 Annex A.8 Asset management
WIC CONFIDENTIAL INFORMATION SPRING 2014 CALIFORNIA DEPARTMENT OF PUBLIC HEALTH WIC PROGRAM.
Parts of the computer Deandre Haynes. The Case The Case This Case is the "box" or "chassis" that holds and encloses the many parts of your computer. Its.
Award Management Services Procurement Outreach Training Level II - Module C Specialized Agreements.
Introduction to Computer Special Thanks S.W.A.ShahNIST.
HEALTH IT OBJECTIVE 1.1. U.S DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) U.S. government agency for protecting the health of all Americans and providing.
Environmental Symposium Data Security And Destruction Issues A.K.A. - Disk Sanitization Mike Caltabiano Environmental Protection Agency, Office of Environmental.
Award Management Services Procurement Outreach Training Level II - Module C Specialized Agreements.
PRESENTED BY Raju. What is information security?  Information security is the process of protecting information. It protects its availability, privacy.
Storage Devices. Diskette plastic flexible disk enclosed inside a tough plastic cover. Properties : - Diskettes are slow and have a low capacity (1,44.
Computer Storage. What is Primary Storage? ● Primary storage is computer memory that is directly accessible to the CPU of a computer without the use of.
Secondary Storage Thin, rigid covered with a substance that allows data to be held in the form of The more there are, the.
Tips for Efficient Air Conditioning Maintenance
Data Destruction Standards & Compliance
USB flash drive A flash drive consists of a small printed circuit board carrying the circuit elements and a USB connector, insulated electrically and protected.
PREPARING AND REQUESTING PROPERTY REMOVAL
Information Technology
Waterproof And Shock Resistant
Hard protection of words
Waterproof And Shock Resistant
Chapter 12: Archiving Rationale to tidy up project items
IS4680 Security Auditing for Compliance
Waterproof And Shock Resistant
Turn-in Guidance for Disposition of
Presentation transcript:

Media Sanitization  NIST Guidance  Terms Defined  When is media under/not under your control?  Flowchart for decision making  Spreadsheet of methods for media sanitization  Quick way to reduce large inventories

Terms Clearing – protection against a keyboard attack Clearing – protection against a keyboard attack Purging – protection against laboratory attack Purging – protection against laboratory attack Destroying – media cannot be reused Destroying – media cannot be reused ATA disk drives manufactured after 2001 (over 15 GB) the terms clearing and purging have converged.

NIST Guidance - Control Under Organization Control: Under Organization Control: Media being turned over for maintenance are still considered under Media being turned over for maintenance are still considered under organization control if contractual agreements are in place with the organization control if contractual agreements are in place with the organization and the maintenance provider specifically provides for the organization and the maintenance provider specifically provides for the confidentiality of the information. confidentiality of the information. Maintenance being performed on an organization’s site, under the Maintenance being performed on an organization’s site, under the organization’s supervision, by a maintenance provider is also considered organization’s supervision, by a maintenance provider is also considered under the control of the organization. under the control of the organization. Not Under Organization Control: Not Under Organization Control: Media that are being exchanged for warranty, cost rebate, or other Media that are being exchanged for warranty, cost rebate, or other purposes and where the specific media will not be returned to the purposes and where the specific media will not be returned to the organization are considered to be out of organizational control. organization are considered to be out of organizational control.

Helpful Tips Document the serial number, of both the Hard Drive and host computer. Document the serial number, of both the Hard Drive and host computer. SCSI drives, once removed from host, overwriting becomes difficult to impossible SCSI drives, once removed from host, overwriting becomes difficult to impossible Degaussers are rated by ORSTEDS they produce - your drive may require higher Degaussers are rated by ORSTEDS they produce - your drive may require higher Many modern Degaussers’s chamber height is approx. 1” high Many modern Degaussers’s chamber height is approx. 1” high Pre-destruction may be permissible at your facility. Pre-destruction may be permissible at your facility. Consider chain of custody if using an offsite service provider Consider chain of custody if using an offsite service provider

Chain of Custody improvements

Pre-Destruction

Degausser capacity (NSA DEPL – March 2008 Pg.9)

Questions/Contact info Perry Dollar, CISSP, VACSP Perry Dollar, CISSP, VACSP Media Sanitization Program Manager Media Sanitization Program Manager Department of Veterans Affairs Department of Veterans Affairs Xt Xt.254

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.