Friday, December 12, 2014

Deleting information is also hard to do

The deletion of digital information is also hard to do. The most basic challenge is ensuring that when something is deleted, it is actually deleted. To destroy digital information it needs to be overwritten. NIST 800-88 provides the gory details. This deletion must also happen according to a defined process and should be auditable. Specialist firms like Blancco provide software support for sanitizing files or entire devices. It provides samples of confirmation reports for LUNs, servers, files, and even mobile devices.

The process of securely deleting information is typically called data erasure, data clearing, data wiping, or -- more colloquially -- data shredding.

Data erasure can get a little bit more challenging when we look at the realities of IT infrastructure. Backup tapes, for example, will contain copies of information which can cause eDiscovery challenges (i.e., Coleman Holdings). High reliability infrastructures might also cause challenges due to mirroring, as might local site caching. The biggest issues might be challenges resulting from SAN architectures and virtualization, where the actual storage site is a bit mysterious. Blancco provides some details on virtualization challenges. The SAN issue is even more difficult. It might be possible to sanitize entire LUNs or disks, but individual files will be challenging since the SAN abstracts access to the underlying storage blocks. In these situations, it might be necessary to take a proactive approach by encrypting files stored on the SAN and the shredding those files by destroying the keys. Securely deleting email can also be challenging due to the underlying database structure. Secure delete at the server level might require eliminating archive/recycle copies, compressing/defragging the database, and overwriting the empty space on the drive.


Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home