Also review the number of passes that you really require to safeguard your data. If you need to guarantee that...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
your data is wiped, then a wipe done to the U.S. Department of Defense's DoD 5220.22-M (8-306. /E) standard will over-wipe all addressable hard drive locations with a character, its complement and a random character followed by verification. This process is completed three times and prevents data from being recovered by commercially available processes. DoD 5220.22-M (8-306. /E, C & E) is a seven-pass wipe and is only required for the most sensitive of information. However, in the fall of 2004, the U.S. National Security Agency (NSA Advisory LAA-006-2004) found that a single overwrite using DoD 5220.22-M compliant software is sufficient to render electronic files unrecoverable.
Unfortunately software disk-wiping cannot sanitize disconnected, forgotten internal hard drives, or hard drives that have physically failed. Therefore, if you don't need your drives again consider destroying them by degaussing, melting, incineration, crushing or shredding. Also know that with both methods, software-wiping or physical destruction, you'll need to implement policies and procedures that govern hard drive disposal. You must also train employees to ensure that you have taken "reasonable measures" to safeguard your data. The FTC's FACTA rule on the proper storage and disposal of certain consumer information requires any business that maintains or otherwise possesses consumer information, or any compilation of consumer information, derived from consumer reports for a business purpose, to properly dispose of such information or compilation. Although physically destroying disks is more costly than wiping them, the potential costs associated with compromised data may make it the best option.
Dig Deeper on Data security strategies and governance
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.