Synergix International was established in 2000 and has been continuously striving towards networking technology advancement for the past 20-plus years. Synergix International has become a leading network solution provider in the Middle East and Africa region and is expanding aggressively in all aspects of networking sales within this market.
What is Data Sanitization?

Data sanitization involves purposely and permanently deleting or destroying data from a storage device, to ensure it cannot be recovered. Ordinarily, when data is deleted from storage media, the media is not really erased and the data can be recovered by an attacker who gains access to the device. This raises serious concerns for security and data privacy. With sanitization, storage media is cleansed so there is no leftover data on the device, and no data can be recovered, even with advanced forensic tools.

The Need for Data Sanitization

As the useful lifetime and storage capacity of storage equipment continue to increase, IT assets often retain sensitive business data after they are decommissioned. These assets might include:

- Disk drives on desktop and laptop computers
- Flash media
- Mobile devices
- Dedicated storage equipment

When a company's IT assets reach the end of their useful life, they must be sanitized to ensure sensitive data stored on the equipment is really erased before disposing of or reusing it.

The most common scenario for data sanitization is re-imaging. This usually happens when equipment is reassigned to new users. Imaging overwrites the core operating system files, file allocation table (FAT), etc. However, the old data is not actually deleted. Instead, the operating system deletes instances of files that the user can view and manipulate, and then marks the files for deletion. If the operating system needs more space, files are overwritten, and only then is the old data actually removed from the asset. Given today's large storage capacity, gigabytes of data may remain on an unsanitized device.

Equipment must be sanitized even if it is being disposed of. When a company sells, donates, or disposes of equipment that contains storage, IT and security teams must make sure they have a reliable data sanitization strategy. Otherwise, they are not only giving away the device; together with it, they may be exposing sensitive company data.

Data Sanitization Methods

There are four primary methods to achieve data sanitization: physical destruction, data erasure, cryptographic erasure, and data masking.

Physical Destruction

The most obvious way to sanitize a device is to physically destroy the storage media or the device it is a part of, for example, destroying a hard disk or an old laptop with an embedded hard disk. There are two primary ways of destroying storage media:

- Using industrial shredders to break the device into pieces.
- Using degaussers, which expose the device to a strong magnetic field that irreversibly erases data on hard disk drives (HDD) and most kinds of tapes.

However, the downside of these techniques is that they damage the storage media and do not allow it to be sold or reused. They are complex and expensive to carry out and are also harmful to the environment.

Data Erasure

This technique uses software to write random 0s and 1s on every sector of the storage equipment, ensuring no previous data is retained. This is a very reliable form of sanitization because it validates that 100% of the data was replaced, at the byte level. It is also possible to generate auditable reports that prove data has been successfully sanitized. The advantage of this method compared to physical destruction is that it does not destroy the device and allows it to be sold or reused.

However, the downside of data erasure is that it is a time-consuming process, is difficult to carry out during the lifetime of the device, and requires that each decommissioned device goes through a strict sanitization process.
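The overwrite, verify and report sequence described under Data Erasure, as an added example that is not part of the original page. It assumes a constructed disk-image file standing in for the device and a 4096-byte block size; the function names and the report fields are hypothetical.

```python
import hashlib, json, os, tempfile

BLOCK = 4096                                   # assumed block size for this sketch
MARKER = b"CONSTRUCTED-SECRET-payroll.xlsx"    # constructed "sensitive" data

def erase_and_verify(path, block=BLOCK):
    """Overwrite every byte of `path` with random data, read it back,
    and return an audit record of the pass."""
    size = os.path.getsize(path)
    written = hashlib.sha256()
    remaining = size
    with open(path, "r+b") as dev:
        while remaining:
            chunk = os.urandom(min(block, remaining))  # last block may be short
            dev.write(chunk)
            written.update(chunk)
            remaining -= len(chunk)
        dev.flush()
        os.fsync(dev.fileno())                 # push the overwrite out of the OS cache
    readback = hashlib.sha256()
    with open(path, "rb") as dev:              # verification pass over every byte
        for chunk in iter(lambda: dev.read(block), b""):
            readback.update(chunk)
    return {
        "target": path,
        "bytes_total": size,
        "bytes_overwritten": size - remaining,
        "pattern": "random",
        "sha256_written": written.hexdigest(),
        "sha256_readback": readback.hexdigest(),
        "verified": written.digest() == readback.digest(),
    }

def residual_found(path, marker=MARKER):
    """True if the old data is still present anywhere in the image."""
    with open(path, "rb") as dev:
        return marker in dev.read()

def demo():
    # Constructed image whose size is deliberately not a multiple of BLOCK.
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write(b"\x00" * 10000 + MARKER + b"\x00" * 10000)
    try:
        before = residual_found(img.name)
        report = erase_and_verify(img.name)
        return before, residual_found(img.name), report
    finally:
        os.unlink(img.name)

if __name__ == "__main__":
    before, after, report = demo()
    print(json.dumps(report, indent=2))        # the auditable record
```

The record only covers the bytes the operating system exposes at that path; flash media that remap blocks internally can hold copies an overwrite issued this way never reaches.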
Cryptographic Erasure

This method uses public-key cryptography, with a strong key of at least 128 bits, to encrypt all the data on the device. Without the key, the data cannot be decrypted and becomes unrecoverable. Finally, the private key is discarded, effectively erasing all data on the device.

Encryption is a fast and effective way to sanitize storage devices. It is best suited for removable or mobile storage devices, or those that contain highly sensitive information.