Re: [Fed-Talk] DSS issues (was RE: FOSE 2005)
Re: [Fed-Talk] DSS issues (was RE: FOSE 2005)
- Subject: Re: [Fed-Talk] DSS issues (was RE: FOSE 2005)
- From: "David Barton" <email@hidden>
- Date: Tue, 12 Apr 2005 12:45:41 -0400
I deal with DoD/DISA rules and regs. I don't deal with DSS, but I am sure
you can meet most anything they request.
Some questions might be:
2. How does one "sanitize" a hard drive?
Do what we do... We are a Mac only shop, but have a PC or two. Its an ATA
drive put it in a PC and use the DSS approved application to sanitize it :)
In fact, if anybody on this list knows of a DSS-approved method for
sanitizing hard drives in OSX, I'd like to hear of it.
Pulling the HD out of the system leaves the system unclassified. One way to
approach this is to have a central sanitization station for all media. All
HDs are sanitized by the designated system administrator or the faclity
security officer. This introduces a business process to justiy pulling a HD
out of any system.
-David
----- Original Message -----
From: "Peter Link" <email@hidden>
To: <email@hidden>
Sent: Tuesday, April 12, 2005 12:27 PM
Subject: Re: [Fed-Talk] DSS issues (was RE: FOSE 2005)
>DSS issues like securely deleting a file, and sanitizing a hard drive so
>it
can be released from classified back into general use...
....
The second question has not yet been answered as far as I can tell, and it
is a question I have been actively pursuing an answer to for a couple of
months now.
In fact, if anybody on this list knows of a DSS-approved method for
sanitizing hard drives in OSX, I'd like to hear of it.
We take the more conservative approach and never allow a disk that has had
classified on it to be used in an environment that isn't classified. We
degauss the disks in a nasty microwave that melts their insides. We're
even getting close to doing this with unclassified disks because of the
potential for loss of sensitive information.
This isn't what you wanted to hear but we feel the cost of lost classified
information is much greater than the cost of a new disk.
Securing deleting a file:
I have asked the same question before but even with a proper answer,
verification of the deletion is the problem I have. I did find that
ProSoft's Drive Genius has the ability to browse the disk block-by-block.
<http://www.prosofteng.com/products/drive_genius.php> I did send them an
email asking if they could enhance their software to provide a search
capability. I received a return email saying they'd look into it. This
capability would allow us to demonstrate to everyone that the secure
delete function actually works. For those of you who deal with
contamination, it also would serve the purpose of verifying that the
contaminated files contents have been deleted from every sector of the
disk. If this feature interests others, I would suggest talking to ProSoft
about enhancing their product.
--
Peter Link
Technology Advisor for the Technical Information Department
TID Information System Security Officer
Administration and HR Directorate
Lawrence Livermore National Laboratory
P.O. Box 808, L-664
Livermore, CA 94550
email@hidden
(925) 423-1230
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden