Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: HD destruction
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Thu, 15 Mar 2007 11:24:56 -0400

Ray Bruder wrote:
   We currently use an outside vendor to destroy our hard drives and
receive a document of certification this work has been completed.
Does anyone simply have the HD's scrubbed and receive a certified doc
and feel this is sufficient?  I was led to believe in the past that you
can still recover data from scrubbed drives.

I was recently "enlightened" on the current state-of-the-art of drive erasure/wiping/destruction at a SANS Forensics 
class.  It was pointed out that the new NIST standards state:

NIST SP800-88 - "Studies have shown that most of today's media can be
effectively cleared by one overwrite."

"Purging information is a media sanitization process that protects
the confidentiality of information against a laboratory attack.  For
some media, clearing media would not suffice for purging.  However,
for ATA disk dries manufactured after 2001 (over 15GB) the terms
clearing and purging have converged."

http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf

Jeff

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]