NIST 800-88 Simplified Data Destruction Guidelines
These rules are the foundation of the rules used by US Government agencies.
NIST 800-88 Simplified
NIST standards are often quoted by information security officers and data destruction professionals. Below are the standards for clearing, purging, and destroying data. It is important to point out that clearing is only an option for low-security systems. The complete guideline is a 50-page document; this is an excerpt. Erecycler knows the NIST guidelines and can help get your company into compliance with these rules. Contact us today.
National Institute of Standards and Technology Special Publication 800-88 Revision 1
Natl. Inst. Stand. Technol. Spec. Publ. 800-88 Revision 1, 64 pages (December 2014)
CODEN: NSPUE2
This publication is available free of charge from:
Several different methods can be used to sanitize media. Four of the most common are presented in this section. Users of this guide should categorize the information to be disposed of, assess the nature of the medium on which it is recorded, assess the risk to confidentiality, and determine the future plans for the media. Then, using information in Table 5-1, decide on the appropriate method for sanitization. The selected method should be assessed as to cost, environmental impact, etc., and a decision should be made that best mitigates the risks to an unauthorized disclosure of information.
From Table 5-1: Sanitization Methods
One method to sanitize media is to use software or hardware products to overwrite user-addressable storage space on the media with non-sensitive data, using the standard read and write commands for the device. This process may include overwriting not only the logical storage location of a file(s) (e.g., file allocation table) but also should include all user-addressable locations. The security goal of the overwriting process is to replace Target Data with non-sensitive data. Overwriting cannot be used for media that are damaged or not rewriteable, and may not address all areas of the device where sensitive data may be retained. The media type and size may also influence whether overwriting is a suitable sanitization method. For example, flash memory-based storage devices may contain spare cells and perform wear levelling, making it infeasible for a user to sanitize all previous data using this approach because the device may not support directly addressing all areas where sensitive data has been stored using the native read and write interface.
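An added example (not part of the NIST text or of this page's original content) of the overwrite-based Clear described above: it overwrites every user-addressable byte through the standard write interface, then reads the whole space back to verify. The image file, the zero fill value and the function names are assumptions made for the illustration; as the paragraph notes, this approach cannot reach spare or wear-levelled cells on flash.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # I/O unit chosen for this example, not a NIST value


def clear_overwrite(path, fill=0x00, chunk=CHUNK):
    """Overwrite every user-addressable byte of path with fill; return bytes written."""
    fd = os.open(path, os.O_WRONLY | getattr(os, "O_BINARY", 0))
    try:
        size = os.lseek(fd, 0, os.SEEK_END)  # works for image files and block devices
        os.lseek(fd, 0, os.SEEK_SET)
        block = bytes([fill]) * chunk
        written = 0
        while written < size:
            written += os.write(fd, block[: min(chunk, size - written)])
        os.fsync(fd)  # ask the OS to flush its cache to the device
        return written
    finally:
        os.close(fd)


def verify_overwrite(path, fill=0x00, chunk=CHUNK):
    """Read the whole addressable space back; return offsets of chunks holding other data."""
    bad, offset = [], 0
    with open(path, "rb", buffering=0) as f:
        while True:
            data = f.read(chunk)
            if not data:
                return bad
            if data.count(fill) != len(data):
                bad.append(offset)
            offset += len(data)


def demo():
    """Constructed image: marker 'Target Data' in every chunk, size not chunk-aligned."""
    size = 3 * CHUNK + 17
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write((b"TARGET-DATA " * (size // 12 + 1))[:size])
        path = img.name
    try:
        before = verify_overwrite(path)
        written = clear_overwrite(path)
        return size, written, before, verify_overwrite(path)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo())
```

A non-empty list from `verify_overwrite` after the pass means the overwrite did not cover the addressable space and the Clear has not succeeded.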
The Clear operation may vary contextually for media other than dedicated storage devices, where the device (such as a basic cell phone or a piece of office equipment) only provides the ability to return the device to factory state (typically by simply deleting the file pointers) and does not directly support the ability to rewrite or apply media-specific techniques to the non-volatile storage contents. Where rewriting is not supported, manufacturer resets and procedures that do not include rewriting might be the only option to Clear the device and associated media. These still meet the definition for Clear as long as the device interface available to the user does not facilitate retrieval of the Cleared data.
Some methods of purging (which vary by media and must be applied with considerations described further throughout this document) include overwrite, block erase, and Cryptographic Erase, through the use of dedicated, standardized device sanitize commands that apply media-specific techniques to bypass the abstraction inherent in typical read and write commands.
Destructive techniques also render the device Purged when effectively applied to the appropriate media type, including incineration, shredding, disintegrating, degaussing, and pulverizing. The common benefit across all these approaches is assurance that the data is infeasible to recover using state of the art laboratory techniques. However, Bending, Cutting, and the use of some emergency procedures (such as using a firearm to shoot a hole through a storage device) may only damage the media as portions of the media may remain undamaged and therefore accessible using advanced laboratory techniques.
Degaussing renders a Legacy Magnetic Device Purged when the strength of the degausser is carefully matched to the media coercivity. Coercivity may be difficult to determine based only on information provided on the label. Therefore, refer to the device manufacturer for coercivity details. Degaussing should never be solely relied upon for flash memory-based storage devices or for magnetic storage devices that also contain non-volatile non-magnetic storage. Degaussing renders many types of devices unusable (and in those cases, Degaussing is also a Destruction technique).
There are many different types, techniques, and procedures for media Destruction. While some techniques may render the Target Data infeasible to retrieve through the device interface and unable to be used for subsequent storage of data, the device is not considered Destroyed unless Target Data retrieval is infeasible using state of the art laboratory techniques.
- Disintegrate, Pulverize, Melt, and Incinerate. These sanitization methods are designed to completely Destroy the media. They are typically carried out at an outsourced metal Destruction or licensed incineration facility with the specific capabilities to perform these activities effectively, securely, and safely.
- Shred. Paper shredders can be used to Destroy flexible media such as diskettes once the media are physically removed from their outer containers. The shred size of the refuse should be small enough that there is reasonable assurance in proportion to the data confidentiality that the data cannot be reconstructed. To make reconstructing the data even more difficult, the shredded material can be mixed with non-sensitive material of the same type (e.g., shredded paper or shredded flexible media).
The application of Destructive techniques may be the only option when the media fails and other Clear or Purge techniques cannot be effectively applied to the media, or when the verification of Clear or Purge methods fails (for known or unknown reasons).
In Your Office Data Destruction
We will come to your location with our portable equipment and destroy your hard drives and record your serial numbers. Documentation and certificates of destruction are included. We can also degauss your backup tapes onsite and pick up your computers for recycling while we are there.
Our In-House Shredder
In our Dallas facility we have an enormous shredder capable of shredding approximately 2000 hard drives per hour, with the end result being many twisted and mangled bits of scrap metal that will be further recycled. Information destroyed in this way is absolutely unrecoverable. We offer this particular service for clientele in need of high-volume destruction.
Is Your Data Safe?
We offer flexible data security plans. All of our data security plans meet or exceed the standards of NIST, HIPAA, FACTA, DoD and NSA for data destruction. All destruction plans include the use of our private client portal to track your data destruction and certificates.