Page 330 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

Purging: Purging is a more intense form of clearing that prepares media for reuse in less secure environments. It provides a level of assurance that the original data is not recoverable using any known methods. A purging process will repeat the clearing process multiple times and may combine it with another method such as degaussing to completely remove the data. Even though purging is intended to remove all data remnants, it isn’t always trusted. For example, the U.S. government doesn’t consider any purging method acceptable to purge top secret data. Media labeled top secret will always remain top secret until it is destroyed.

Degaussing: A degausser creates a strong magnetic field that erases data on some media in a process called degaussing. Technicians commonly use degaussing methods to remove data from magnetic tapes with the goal of returning the tape to its original state. It is possible to degauss hard disks, but we don’t recommend it. Degaussing a hard disk will normally destroy the electronics used to access the data. However, you won’t have any assurance that all of the data on the disk has actually been destroyed. Someone could open the drive in a clean room and install the platters on a different drive to read the data. Degaussing does not affect optical CDs, DVDs, or SSDs.

Destruction: Destruction is the final stage in the lifecycle of media and is the most secure method of sanitizing media. When destroying media it’s important to ensure that the media cannot be reused or repaired and that data cannot be extracted from the destroyed media. Methods of destruction include incineration, crushing, shredding, disintegration, and dissolving using caustic or acidic chemicals. Some organizations remove the platters in highly classified disk drives and destroy them separately.




When organizations donate or sell used computer equipment, they often remove and destroy storage devices that hold sensitive data rather than attempting to purge them. This eliminates the risk that the purging process wasn’t complete, thus resulting in a loss of confidentiality.