Section 12.108 Asset Disposal and Decommissioning Flashcards
Objectives 1.3 Explain the importance of change management processes and the impact to security.
Objectives 4.1 Given a scenario, you must be able to apply common security techniques to computing resources.
Objectives 4.2 Explain the security implications of proper hardware, software, and data asset management.
Asset Disposal and Decommissioning
Necessity to manage the disposal of outdated assets
NIST Special Publication 800-88 (Guidelines for Media Sanitisation)
■ Provides guidance on asset disposal and decommissioning
Sanitisation
Thorough process to make data on a storage medium inaccessible and irretrievable, even using traditional forensic methods
Applies to various storage media
Sanitisation methods
Overwriting
○ Replacing the existing data on a storage device with random bits of information to ensure that the original data is obscured
○ Repeated several times to reduce any chance of the original data being recovered
○ Overwriting can use a single pass, 7 passes, or 35 passes - each overwrite will make it difficult to retrieve important data
Sanitisation methods
Degaussing
○ Utilizes a machine called a degausser to produce a strong magnetic field that can disrupt magnetic domains on storage devices like hard drives or tapes
○ Renders data on the storage medium unreadable and irretrievable
○ Permanent erasure of data but makes the device unusable
○ After degaussing, a device can no longer be used to store data
Sanitisation methods
Secure Erase
○ Deletes data and ensures it can’t be recovered
○ Implemented at the firmware level of storage devices
○ Built-in erasure routine purges all data blocks
○ DEPRECATED in favor of cryptographic erase
Cryptographic Erase (CE)
○ Utilises encryption technologies for data sanitisation
○ Destroys or deletes encryption keys, rendering data unreadable
○ Quick and efficient method of sanitisation
○ Supports device repurposing without data leakage
Destruction
Goes beyond sanitisation, ensures physical device is unusable
Recommended methods:
● Shredding
● Pulverizing
● Melting
● Incinerating
Used for high-security environments, especially with Secret or Top Secret data
Certification
■ Acts as proof that data or hardware has been securely disposed of
■ Important for organisations with regulatory requirements
■ Creates an audit log of sanitisation, disposal, or destruction
Data Retention
Strategically deciding what to keep and for how long
■ Data has a lifecycle from creation to disposal
Reasons to retain data
● Regulatory requirements
● Historical analysis
● Trend prediction
● Dispute resolution
■ Retaining everything is not feasible due to costs and security risks
■ Clutter and excessive data require additional security measures
The more you store, the more you must secure - increases cost
Data Protection
■ All data needs protection from potential data breaches
■ More data requires more extensive security measures
■ Leads to higher costs and resource allocation
■ Excessive data complicates retrieval and analysis