Simplifying Compliance with Auditable Data Erasure
Presented at Data Center World 2012
By Markku Willgren

Why Erase Data?
• Privacy
• Compliance
• Sustainability and ROI

When to Erase Data?
• When equipment ownership changes
• To safeguard data migration
• To safeguard component replacement

Enforce Security via Reporting
• Erasure results
• Uniform reporting for all assets
• Audit trail for regulatory compliance
• Acts as a release mechanism for end of lifecycle assets
• Windows licensing
• Computer name, IP address, MAC address, Serial #, etc.
• HW configuration
• Hardware checking
• Custom data fields

Use Cases
• RMA drives
• EOL Servers
• EOL Arrays
• Selective Data Erasure

I. Failed Drives for RMA (Problem)
• 10,000 HDDs
• 40-50 SANs
• 3% failure rate
• 300 drives/y to replace
• Now what?
  • Ignore your data
  • Keep the drives
  • Let OEM manage it
  • Rent or buy erasure appliance(s)

I. Sample RMA Drive Process (A solution)
Diagram lanes: Vendor process, Chain of Custody, Erasure Process
• ‘Failed’ drive is replaced by vendor break/fix
• Vendor break/fix accepts sanitized drives for RMA
• Vendor break/fix hands out ‘failed’ drives
• ‘Failed’ drives are logged in and secured into custody
• Sanitized drives are released for return to vendor
• Failed drives are sanitized
• Erasure logs are generated and matched to SN# for in-custody inventory

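The step "erasure logs are generated and matched to SN# for in-custody inventory" can be enforced as a release gate. The sketch below is an added example, not part of the original slides or any vendor's tooling; the record fields, serial numbers and timestamps are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ErasureReport:      # hypothetical record layout, not a vendor report format
    serial: str
    method: str
    passed: bool          # erasure finished and verification succeeded
    finished: str         # ISO 8601 timestamp, same timezone for all reports

def norm(serial):
    """Normalise serials so label scans and tool output compare equal."""
    return serial.strip().upper()

def reconcile(custody_serials, reports):
    """Return (release, hold, orphans) for the in-custody inventory."""
    latest = {}
    for r in sorted(reports, key=lambda r: r.finished):
        latest[norm(r.serial)] = r            # most recent report per drive wins
    custody = {norm(s) for s in custody_serials}
    release, hold = [], {}
    for sn in sorted(custody):
        r = latest.get(sn)
        if r is None:
            hold[sn] = "no erasure report"    # never release without evidence
        elif not r.passed:
            hold[sn] = f"erasure failed ({r.method})"
        else:
            release.append(sn)
    # Reports for drives never logged into custody: a mistyped serial
    # or a break in the chain of custody; either way, investigate.
    orphans = sorted(set(latest) - custody)
    return release, hold, orphans

# Constructed sample data
CUSTODY = ["WD-0001", "wd-0002 ", "WD-0003", "WD-0004"]
REPORTS = [
    ErasureReport("WD-0001", "NIST 800-88", True, "2012-03-01T10:00:00"),
    ErasureReport("WD-0002", "NIST 800-88", False, "2012-03-01T10:05:00"),
    ErasureReport("WD-0002", "NIST 800-88", True, "2012-03-01T11:00:00"),
    ErasureReport("WD-0003", "DOD 5220.22-M", False, "2012-03-01T10:10:00"),
    ErasureReport("WD-0009", "NIST 800-88", True, "2012-03-01T10:20:00"),
]

if __name__ == "__main__":
    release, hold, orphans = reconcile(CUSTODY, REPORTS)
    print("release:", release)
    print("hold:", hold)
    print("orphan reports:", orphans)
```

Drives that cannot be erased stay in the hold list with a reason, so nothing leaves custody for RMA without a matching successful report.
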
I. Loose Drives Erasure Appliances (Solution)
• Need to support FC, SAS/SATA, and SCSI
• Change of carrier vs. pigtail design
• Ease of use
• Portability
• Erasure results, drive serial numbers, user info
• Return window for OEM
• Dead drives?

II. Server Erasure as a System (Problem)
• End of service
• Technology refresh
• End of subscription
• Reuse in hosting environment
• Data center relocation or consolidation
• Secure for transit

II. Server Erasure as a System (Solution)
• Access to all areas of the disk
• RAID dismantle / pass through
• Reporting

III. Enterprise Array Erasure (Solution)
• How many hard drives per erasure?
• Disable/bypass control units for enabling erasure of all areas of the disk, including protected areas, remapped sectors, and bad sectors
• Need a server with HBAs connected to storage to run erasure software

Additional Erasure Needs in the Cloud!
• Selective Data Erasure for enterprise environments

Erasure Delivery Options
• ISO-image burned to CD
• ISO-image delivered via PXE
• ISO-image(s) stored to USB
• ISO-image packed to MSI

Erasure Method Options
• HMG Infosec Standard 5, The Baseline Standard
• HMG Infosec Standard 5, The Enhanced Standard
• Peter Gutmann's algorithm
• U.S. Department of Defense Sanitizing (DOD 5220.22-M)
• Bruce Schneier's Algorithm
• Navy Staff Office Publication (NAVSO P-5239-26) for RLL
• The National Computer Security Center (NCSC-TG-025)
• Air Force System Security Instruction 5020
• U.S. Army AR380-19
• German Standard BSI/VSITR
• OPNAVINST 5239.1A
• NSA 130-1
• DoD 5220.22-M ECE
• NIST 800-88*
• Extended NIST 800-88*
• Firmware based secure erase
• Navy Staff Office Publication (NAVSO P-5239-26) - TOP SECRET for SSD
• Navy Staff Office Publication (NAVSO P-5239-26) - SECRET or CONFIDENTIAL for SSD
• U.S. Department of Defense Sanitizing (DOD 5220.22-M) for SSD

NIST800-88 vs. DOD5220.22M
• What is Block Overwrite?
• What is Secure Erase?
  • Security Erase Unit, Enhanced Security Erase Unit, Format Unit, etc.
• NIST800-88 Clear vs. Purge
  • Purge: Rendering sanitized data unrecoverable by laboratory attack methods
• NIST800-88 Examples of acceptable methods
  • Clear = e.g., 1 pass Block Overwrite is ok
  • Purge = e.g., 1 pass Secure Erase is ok
  • For ATA drives; Clear = Purge
• What about remapped sectors?
• What should you use?

Erasing Solid State Drives (SSDs)
• What is the state of the market?
• Where is the challenge?
• What should you do?

The ERA Concept
ERASE, REPORT, AUDIT
Trust but verify!
Thank you for your time
markku.willgren@blancco.com (678) 576 8140