Asset Disposal and Decommissioning

(OBJ 4.2)

Asset Disposal and Decommissioning

• Necessity to manage the disposal of outdated assets
• NIST Special Publication 800-88 (Guidelines for Media Sanitization)
  • Provides guidance on asset disposal and decommissioning
  • Tells us how to conduct sanitization, destruction, and certification for our asset disposal and decommissioning processes.
  • Guidelines presented by the National Institute of Standards and Technology (NIST)

Sanitization

• Thorough process to make data inaccessible and irretrievable from storage medium using traditional forensic methods
• Applies to various storage media
• Goal: Protect sensitive information from unauthorized access, especially when disposing of or repurposing a storage device.
• Methods include
  • Overwriting
    • Replacing the existing data on a storage device with random bits of information to ensure that the original data is obscured
    • Repeated several times to reduce any chance of the original data being recovered
    • Overwriting can use a single pass, 7 passes, or 35 passes
      • Depending on the classification level of the data that you're trying to sanitize.
      • Higher classification levels need more passes during that overriding process.
    • Each overwrite makes it increasingly difficult for potential adversaries to retrieve any meaningful data using forensic tools or techniques.
    • Ensures Confidentiality of stored data and minimizes the risk associated with data breaches or unauthorized access.
  • Degaussing
    • Utilizes a machine called a degausser to produce a strong magnetic field that can disrupt magnetic domains on storage devices like hard drives or tapes
    • Renders data on the storage medium unreadable and irretrievable
    • Permanent erasure of data but makes the device unusable
    • After degaussing, a device can no longer be used to store data
    • Especially valuable method, when devices are set to be discarded or recycled to ensure that no data remnants of sensitive information remains on that discarded storage device.
  • Secure Erase
    • Completely deletes data and ensures it can't be recovered using traditional recovery tools.
    • Implemented in firmware level of storage devices
    • Built-in erasure routine purges all data blocks
    • Deprecated in favor of cryptographic erase
  • Cryptographic Erase (CE)
    • Utilizes encryption technologies for data sanitization
    • When data is initially stored on a given device, it's gonna be encrypted using cryptographic keys. During the cryptographic erasure process, instead of trying to erase the actual data on the device we simply are going to deliberately destroy or delete the encryption keys themself.
    • Destroys or deletes encryption keys, rendering data unreadable
    • Quick and efficient method of sanitization
      • Can be done in less than about 30 to 60 seconds.
    • Supports device repurposing without data leakage.

Destruction

• Goes beyond sanitization, ensures physical device is unusable
• Recommended methods
  • Shredding
  • Pulverizing
  • Meltin
  • Incinerating
• Used for high-security environments, especially with Secret or Top Secret data
• Example:
  • National Security Agency remove hard drives from top secret devices to replace them, and them have them physically shredded.

Certification

• Acts as proof that data or hardware has been securely disposed of
• Important for organizations with regulatory requirements
• Creates an audit log of sanitization, disposal, or destruction processes for a given data set.
• It is important to consider your data retention requirements when you're developing your asset disposal and destruction policies.
  • Check the data lifecycle

Data Retention

• Strategically deciding what to keep and for how long
• Data has a lifecycle from creation to disposal
• Reasons to retain data
  • Regulatory requirements
    • Regulations may require specific data, such as financial transactions or medical records, to be retained for a set duration
  • Historical analysis
  • Trend prediction
  • Dispute resolution
• Retaining everything is not feasible due to costs and security risks
  • The more you store, the larger the cyber threat
  • The more you store, the more you must secure
• Clutter and excessive data require additional security measures

Data Protection

• All data needs protection from potential data breaches
• More data requires more extensive security measures
• Leads to higher costs and resource allocation
• Excessive data complicates retrieval and analysis