The browser version you are using is not recommended for this site.Please consider upgrading to the latest version of your browser by clicking one of the following links.
We are sorry, This PDF is available in download format only
NIST Guidelines for Media SanitizationExecutive SummaryInformation systems capture, process, and store information using a wide variety of media. This information is not only located on the intended storage media but also on devices used to create, process, or transmit this information. These media may require special disposition in order to mitigate the risk of unauthorized disclosure of information and to ensure its confidentiality. Efficient and effective management of information that is created, processed, and stored by an information technology (IT) system throughout its life, from inception through disposition, is a primary concern of an information system owner and the custodian of the data.With the use of increasingly sophisticated encryption, an attacker wishing to gain access to an organization’s sensitive information is forced to look outside the system itself for that information. One avenue of attack is the recovery of supposedly deleted data from media. These residual data may allow unauthorized individuals to reconstruct data and thereby gain access to sensitive information. Sanitization can be used to thwart this attack by ensuring that deleted data cannot be easily recovered.When storage media are transferred, become obsolete, or are no longer usable or required by an information system, it is important to ensure that residual magnetic, optical, electrical, or other representation of data that has been deleted is not easily recoverable. Sanitization refers to the general process of removing data from storage media, such that there is reasonable assurance that the data may not be easily retrieved and reconstructed.This guide will assist organizations and system owners in making practical sanitization decisions based on the level of confidentiality of their information. It does not, and cannot, specifically address all known types of media; however, the described sanitization decision process can be applied universally. It should also be noted that Title 40 USC advises system owners and custodians that excess equipment is “Educationally useful” and “Federal equipment is a vital national resource.” Wherever possible, excess equipment and media should be made available to schools and non-profit organizations to the extent permitted by law.Read the full NIST Guidelines for Media Sanitization.
Arm software with the visibility and tools it needs to prevent, find, freeze, and fix vulnerabilities.
Speeding security software and making it stronger with silicon-based tools to increase efficiency.
Hardware-based verification and authentication helps guard identities without slowing productivity.
Hardware-enhanced features find, freeze, and fix vulnerabilities to enterprise infrastructure.
Demos using existing embedded cyber security technology to simulate utility substation protection.
A conversation on stealth crimeware, why this malware is dangerous to customers and how to combat it.