If you keep business, medical, or personal financial information on
disks, simple file deletion or drive erasure isn’t enough to protect
the data when disposing of the equipment.
Besides identity
theft, data loss may leave you or your institution liable under federal
laws such as HIPAA, Sarbanes-Oxley and Gramm-Leach-Bliley, or under state
laws. Criminal penalties include fines and prison terms of up to 20 years,
not to mention the civil suits that can result.
There are
several approved methods for data sanitization that satisfy these legal
requirements or meet even more stringent corporate or government
secrecy requirements. Methods for sanitizing data include deleting
files, drive formatting, block overwrite, in-drive secure erase,
physical drive destruction, degaussing, and encryption.
Block erase is the most commonly used method. While it is much better than
no erase, file deletion, or drive formatting, it can fail to erase every
data block. Blocks it can miss include data blocks reassigned by the
drive, additional drive partitions, host protected areas, device
configuration overlays, and blocks affected by drive faults.
Currently, with Mac
OS X 10.4.10, Disk Utility supports drive formatting and three different
block erase methods, but recent documents from the US Government's National
Institute of Standards and Technology (NIST 800-88) state that the secure erase built into newer ATA drives is more secure. This built-in secure erase offers the same level of security as physically destroying the drive, but the drive can be re-used and there is no environmental impact from the by-products of destroying the media.
Disk Utility
Disk Utility is a Mac OS X utility that
performs disk-related tasks. It has graphical-user-interface (GUI) and
command line versions, and it supports disk erasing, formatting and
partitioning. For example, below is the interface for erasing media.
It also supports three levels of block overwrite: a zero-out
erase, a 7-pass erase, or a 35-pass erase. A zero-out erase sets all
data bits on the disk to 0, while 7-pass and 35-pass use Gutmann
algorithms of varying complexity to overwrite the disk.
Darik's Boot and Nuke ('DBAN')
Darik's Boot and Nuke ('DBAN') is a popular open source block overwrite
tool, distributed as a self-contained boot floppy, that securely wipes the
hard disks of most computers. DBAN will automatically and completely delete
the contents of any hard disk that it can detect, which makes it an
appropriate utility for bulk or emergency data destruction.
DBAN currently DOES NOT support Apple computer hardware. The
developer is requesting Mac donations to develop and test the
software for Apple computer hardware. For more information on Mac
donation, see the web page:
http://dban.sourceforge.net/ppc.html
Secure Erase - ATA Drives Built-in Command
Secure Erase is a set of commands embedded in most ATA drives built
since 2001. Secure Erase overwrites every single track on the hard
drive. That includes the data on “bad blocks”, the data left at the end
of partly overwritten blocks, directories, everything.
This functionality is recognized by the US Government's National Institute of Standards and Technology (NIST 800-88)
as equivalent to magnetically wiping a drive (degaussing) or physically
destroying it. The National Security Agency and the National Institute
of Standards and Technology (NIST 800-88)
gave it a higher security rating than external block overwrite
software. External block overwrite software includes Apple's Disk
Utility, Darik's Boot and Nuke ('DBAN'), etc.
The University
of California at San Diego hosts the Center for Magnetic Recording
Research. Dr. Gordon Hughes of CMRR helped develop the Secure Erase
standard.
There is a freeware Secure Erase utility, a DOS executable named HDDerase.exe, that can be run from a bootable DOS floppy or CD-ROM.
Currently, there is no support for it or port of it on Mac OS X. Maybe Apple
would be interested in adding support for the "secure erase" embedded in
ATA drives? If you want this support, please file a feature request in
Apple's BugReporter.
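The following Python example is added here and is not code from this article or from any of the tools it names. It decodes the IDENTIFY DEVICE data an ATA drive reports to show, before a wipe, whether built-in secure erase is usable and how many sectors sit in a host protected area; the function names, the sample data and the native-max value are constructed for illustration.

```python
import struct

def parse_identify(block: bytes) -> dict:
    """Decode the ATA IDENTIFY DEVICE words that matter before a wipe."""
    if len(block) != 512:
        raise ValueError("IDENTIFY DEVICE data is 256 little-endian 16-bit words")
    w = struct.unpack("<256H", block)
    lba28 = w[60] | (w[61] << 16)
    lba48 = w[100] | (w[101] << 16) | (w[102] << 32) | (w[103] << 48)
    sec = w[128]                                  # security status word
    return {
        "visible_sectors": lba48 if (w[83] & 0x0400) and lba48 else lba28,
        "hpa_feature": bool(w[82] & 0x0400),      # HPA feature set supported
        "erase_supported": bool(w[82] & 0x0002) and bool(sec & 0x0001),
        "locked": bool(sec & 0x0004),
        "frozen": bool(sec & 0x0008),
        "enhanced_erase": bool(sec & 0x0020),
        # word 89 counts 2-minute units; 0 means the drive gives no estimate
        "erase_minutes": w[89] * 2 if w[89] else None,
    }

def wipe_findings(block: bytes, native_max_lba: int):
    """native_max_lba: the READ NATIVE MAX ADDRESS result, supplied by the caller."""
    d = parse_identify(block)
    hidden = max(native_max_lba + 1 - d["visible_sectors"], 0)
    findings = []
    if hidden:
        findings.append(f"{hidden} sectors sit in a host protected area that a "
                        "host-side block overwrite will not reach")
    if not d["erase_supported"]:
        findings.append("no built-in secure erase: use overwrite or destruction")
    elif d["frozen"]:
        findings.append("security frozen: erase is refused until a power cycle")
    return d, hidden, findings

def sample_identify() -> bytes:
    """Constructed IDENTIFY data for an imaginary 160 GB drive (not a real dump)."""
    w = [0] * 256
    w[60], w[61] = 0xFFFF, 0x0FFF                 # LBA28 field saturated
    w[82], w[83] = 0x0402, 0x0400                 # security + HPA, 48-bit LBA
    w[89] = 45                                    # 45 * 2 = 90 minutes
    w[100], w[101] = 0x5F20, 0x12A0               # 312,500,000 visible sectors
    w[128] = 0x0029                               # supported, frozen, enhanced
    return struct.pack("<256H", *w)

if __name__ == "__main__":
    for line in wipe_findings(sample_identify(), 312_581_807)[2]:
        print(line)
```

A device configuration overlay can lower the native maximum itself, so a zero hidden count here rules out only a host protected area.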
Summary
So, with Mac OS X computers you could use Disk Utility with a block
overwrite like 7-Pass Erase or 35-Pass Erase, which according to some
recent papers isn't secure enough. Or you could physically destroy the hard
disks by degaussing, disintegration, shredding, or other means, which is
not only hazardous but has limited effectiveness, for example if the
fragments aren't small enough to prevent data recovery.
There are products like EDT's Digital Shredder that
implement the "secure erase" technology, which allows secure and
complete removal of data while letting the disk drives be reused.
Hopefully, in the future there will be support for the "secure erase"
technology in Apple's Disk Utility or another third-party Mac OS X utility
to support these new data sanitization security levels.