Home page logo

educause logo Educause Security Discussion mailing list archives

Re: HD destruction
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Thu, 15 Mar 2007 11:24:56 -0400

Ray Bruder wrote:
   We currently use an outside vendor to destroy our hard drives and
receive a document of certification this work has been completed.
Does anyone simply have the HD's scrubbed and receive a certified doc
and feel this is sufficient?  I was led to believe in the past that you
can still recover data from scrubbed drives.

I was recently "enlightened" on the current state-of-the-art of drive erasure/wiping/destruction at a SANS Forensics 
class.  It was pointed out that the new NIST standards state:

NIST SP800-88 - "Studies have shown that most of today's media can be
effectively cleared by one overwrite."

"Purging information is a media sanitization process that protects
the confidentiality of information against a laboratory attack.  For
some media, clearing media would not suffice for purging.  However,
for ATA disk dries manufactured after 2001 (over 15GB) the terms
clearing and purging have converged."



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]