Secure data erasure: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 4: | Line 4: | ||
=== Certified data erasure === | === Certified data erasure === | ||
After conclusion of a troubleshooting mission, it is COMCERT's policy to completely remove all data | After conclusion of a troubleshooting mission, it is COMCERT's policy to completely remove all data from the tool's HDD and SDD by reimaging the server. | ||
We also offer | We also offer a paid option to erase the data using a certified data ersure software for HDD and SDD. Wiping a server using these standards can take from a couple of hours to more than a week. | ||
| |
Revision as of 09:31, 21 March 2018
Introduction
Certified data erasure
After conclusion of a troubleshooting mission, it is COMCERT's policy to completely remove all data from the tool's HDD and SDD by reimaging the server.
We also offer a paid option to erase the data using a certified data ersure software for HDD and SDD. Wiping a server using these standards can take from a couple of hours to more than a week.
Solution
Supported erasure standards
Erasure standard | Overwriting rounds |
---|---|
Air Force System Security Instruction 5020 | 4 |
Aperiodic random overwrite | 1 |
Blancco SSD Erasure | 2+ * |
Bruce Schneier's Algorithm | 7 |
BSI-GS | 1-2 * |
BSI-GSE | 2-3 * |
CESG CPA – Higher Level | 3 |
Cryptographic Erasure | 0 ** |
DoD 5220.22-M | 3 |
DoD 5220.22-M ECE | 7 |
NIST 800-88 Clear | 0-1 * |
NIST 800-88 Purge | 0 * |
Firmware Based Erasure | 0 * |
Extended Firmware Based Erasure | 1 * |
HMG Infosec Standard 5, Higher Standard | 3 |
HMG Infosec Standard 5, Lower Standard | 1 |
National Computer Security Center (NCSC-TG-025) | 4 |
Navy Staff Office Publication (NAVSO P-5239-26) | 3 |
NSA 130-1 | 3 |
OPNAVINST 5239.1A | 3 |
Peter Gutmann's Algorithm | 35 |
U.S. Army AR380-19 | 3 |
(*) Standard including a firmware based erasure step
(**) When a Cryptographic Erasure command is given, the drive self-generates a new media encryption key and goes into a 'new drive' state. Without the old key, the old data becomes irretrievable.