5 Steps to Assure Media Sanitization Compliance - Sponsored Whitepaper

5 Steps to Assure Media Sanitization Compliance
Sponsored by:
Back Thru The Future Technology Disposal
Download Entire Whitepaper
5 Steps to Assure Media Sanitization Compliance

Back Thru The Future Technology Disposal 1 Park Drive, Suite 9 Franklin, NJ 07416 973-823-9752 shred@backthruthefuture.com

Retired Data Storage Devices Can Disappear From View and Become a Huge Data Breach Risk Protecting data is one of the largest budgetary expense items of any organizations’ IT department. 99% of this budget is spent protecting online data. Once data storage devices are taken off line and identified for disposal, they become the poor stepchild of your data security budget. With hard drive capacity reaching 3 terabytes (3 trillion bytes of data) the loss of a single hard drive could be catastrophic to an organization.

Here are 5 steps to assure media sanitization compliance

1. Isolate and secure: As soon as a data storage device is removed from the operating environment all data storage media (hard drives) should immediately be removed and secured in such a fashion as to prevent unauthorized removal from the disposal process. It is fundamentally important to minimize this transfer window of time as the data storage devices disappear from your automated data security process and reappear in your physical security process. This activity may take the form of placing the media in lockable containers and placing the containers in a secure room. 2. Validate the media inventory: Establishing an audit trail of the collected media is an important regulatory and legal requirement. If possible, the individual media devices should be matched to your asset management records identifying where the data on the media came from. This data media inventory validation represents the termination of your active data asset records and the beginning of your data disposal/sanitization records. At this point it is recommended that the to-be-disposed-of-media be given new inventory labels such as preprinted bar code labels or RFID tags. This step accomplishes two objectives. A. You and only you, have control of the matching inventory records. No outsider can match any data media to any user in your organization without your cooperation. B. The new tags allow the disposal inventory audit trail to be automated and remove human transcription errors from the process. 3. Destroy the data according to NIST Guidelines: The NIST “Guidelines for Media Sanitization” are precise US Government established guidelines for the destruction of recorded data on all known data media. Federal data privacy regulations require adherence to these guidelines. Adherence to the guidelines removes any possible question as to the adequacy of your sanitization methods. NIST identifies the physical destruction of media by shredding as the best possible method of data sanitization. 4. Sanitize your media on a predetermined schedule. Both data privacy regulations and courts of law require that the destruction of data occur according to a written policy and that you have records showing that you “routinely” follow your own policy. Failure to destroy data that you have the legal right to destroy in a timely manner can result in significant and not necessary legal costs associated to electronic data discovery issues. Having a predetermined schedule provides a disciplined framework for this essential activity.
Download Entire Whitepaper
Copyright © 2014, Questex Media Group LLC
Company descriptions and contact information are quoted from the company's website or other promotional information. Questex is not responsible for the accuracy of this information. Unless specifically noted, Questex is not sponsored by, affiliated with or otherwise connected with any of the listed companies.