Home > Forms and Procedures > Policies > Policy Drafts > Development Stage Policies > In Process - Sanitization of Media Policy

In Process - Sanitization of Media Policy

Overview

Brief summary of the policy...

Purpose

"In order for organizations to have appropriate controls on the information they are responsible for safeguarding, they must properly safeguard used media".

Policy

Four types of sanitization:

  1. Disposal - discarding media with no other sanitization considered.
  2. Clearing - clearing information that protects agains a robust keyboard attack.  Overwriting is an acceptable method for clearing media.
  3. Purging - prtecting against a laboratory attack  Degussing is one type of purging but not acceptable for all media (nonmagnetic media such as CD, DVDs, etc.)
  4. Destroying - After media are destroyed they cannot be reused as orginally intereded.  Forms of this are disintegration, incineration, pulverizing, shredding and melting.  Destruciton of media should be done by authorized personnel.  Special disposition needs should be addressed.

Scope

This policy will affect...

History

21-Mar-2012 - This policy is a draft and is not yet in effect.

Reference

NIST SP-800-88 ( http://csrc.nist.gov/publications/ni...00-88_rev1.pdf )

FIPS 200, Minimum Security Requirements for Federal Information and Information Systems

Roles and Responsibilities

Chief Information Officer

Information System Owner

Information Owner

Record Management Officer

Additional Remarks

There are no known exceptions to this policy at this time.

 



 

You must to post a comment.
Last modified
02:20, 17 Dec 2013

Tags

This page has no custom tags.

Classifications

This page has no classifications.