[ Home | Attachment 1 | Attachment2 | Attachment 3 | Attachment 4 | Attachment 5 ] | |||
Disposition of Computer Hard
Drives | |||
| 1. | Purpose: This attachment provides specific guidance on methods, processes and procedures to ensure no data remains on computer hard drives that are to be permanently removed from agency custody. | ||
| 2. | Methods for hard drive sanitization and clearing: | ||
| 2.1 | Class 1 Overwriting is the process of replacing information (data) with meaningless data in such a way that meaningful information cannot be recovered from a hard drive. Software specifications are outlined in Attachment 2, paragraph 2.1., Overwriting Software Specifications, will be used to overwrite all state owned or controlled hard drives. The individual performing the overwriting must have suitable technical expertise and will be responsible for certifying that the process has been successfully completed. Once overwriting has been certified, a signed copy of the certification printout verifying that the drive has been purged will be affixed to the hard drive or the computer housing the hard drive, as appropriate. The certifier will maintain separate documentation recording the same information for a minimum of three years. Overwritten hard drives will also be sampled on a random basis by an individual with suitable technical expertise other than the one who performed the overwrite process to verify that the overwriting process has been successfully completed. No fewer than 5% of all overwritten hard drives will be examined in the sampling process. See Attachment 4 for examples of an acceptable verification and required documentation. OSS eradicates magnetic media data meeting specifications of U.S. Standard DoD 5220.22-M, NAVSO P-5239-26 (MFM) and NAVSO P-5239-26 (RLL). | ||
| 2.2 | Class 2 Degaussing (i.e., demagnetizing) is a procedure that reduces the magnetic flux of a medium to virtual zero by applying a reverse magnetizing field. Properly applied, degaussing renders any previously stored data on magnetic media unreadable. For specific instructions on degaussing procedures and where to obtain a listing of approved degaussing products, see Attachment 2, paragraph 3, Degaussing Procedures. Individuals performing degaussing will certify that the process has been completed by affixing a signed verification label to the hard drive or the computer housing the hard drive, as appropriate, indicating the date and degaussing product used for the procedure. Persons performing the degaussing function must have suitable expertise. Separate documentation recording the same information will be maintained for a minimum of five years. Supervisory personnel should closely monitor the degaussing process. This should be used as a last resort, as it renders the hard drive unusable | ||
| 2.3 | Class3 Destruction of a hard drive is the process of physically damaging a medium so that it is not usable in a computer and so that no known exploitation method can retrieve data from it. For acceptable methods of destruction, refer to Attachment 2, paragraph 4, Physical Destruction Procedures. Destruction of hard drives will be certified by affixing a signed certification printout to the hard drive indicating the date and method of destruction. The certifier will maintain separate documentation recording the same information for a minimum of five years. 2.4. Clearing data (deleting files) removes information from storage media in a manner that renders it unreadable unless special utility software or techniques are used to recover the cleared data. However, because the clearing process does not prevent data from being recovered by technical means, it is not an acceptable method of sanitizing state owned or controlled hard disk storage media. | ||
| 3. | Disposition: Hard drives may be scheduled for reuse, repair, replacement, or removal from service for a variety of reasons and disposed of in various ways as described below. | ||
| 3.1 | Client-owned hard drives: | ||
| 3.1.1 | Operable hard drives that will be reused must be overwritten in accordance with (IAW) the procedures in paragraph 2.1 above, prior to transfer. If the operable hard drives are to be removed from service completely for any reason, they should also be destroyed or degaussed IAW paragraph 2.2 or 2.3 above. OSS-Spectrum uses the Greystone H.D. Multi-Function exerciser to create and maintain NSA and DOD quality data destruction using a hexadecimal algorism which erases and over writes 3-7 times. | ||
| |||
|
Photo 3.1 Purging a data tape reel,
using a Bell & Howell, NSA approved bulk degausser. | |||
| Figure 3.1-1 highlights the process flow for the disposition of operable client-owned hard drives | |||
| |||
|
Figure 3.1-1 Purging Operable
Client-Owned Hard Drives | |||
| 3.1.2 | If the hard drive is inoperable and has reached the end of its useful life, it will be destroyed or degaussed IAW paragraph 2.2 or 2.3 above. Figure 3.1-2 highlights the process flow for the disposition of inoperable Client-Owned hard drives. | ||
 | |||
Figure 3.1-2 Purging an Inoperable Client-Owned Hard Drive |
|||
