Most organizations will, at some point, need NIST 800 data destruction. Then, there are a few things you should know.
If you care about protecting your company data — and who doesn’t? — you will inevitably need to seek out NIST 800 data destruction.
As one of the most widely used data sanitization standards required by the U.S. Federal government, NIST SP 800-88 (or more simply, NIST 800-88) includes a set of guidelines for permanently erasing data on digital storage media. The goal is to effectively sanitize media so that any and all data is irretrievable once the data or data storage device reaches end-of-life.
But navigating the market for data destruction can be like traipsing through the jungle. The myriad of methods to choose from do not necessarily comply with every aspect of NIST 800 data destruction. To complicate matters, you can actually erase data, using all the right mechanisms, and still not meet audit-proof sanitization standards.
So, what does NIST 800 data destruction entail? In this post, we’ll briefly touch on the three pillars:
- Assessing data confidentiality requirements.
- Understanding the approved methods.
- Verifying the job is complete.
3 pillars of NIST 800 Data Destruction: What you should know
1. Assessing data confidentiality requirements.
NIST 800 data destruction guidelines do not apply to specific technology. Rather, they establish workflows for all kinds of media types. And a key aspect of those workflows begins long before the device or data reaches end of life.
So, in other words, even in the early phases of data storage planning, you should keep the EOL asset management strategy in mind. This is important because certain types of storage don’t work with all sanitization methods.
The pros and cons
Consider, for example, the limitations of degaussing. While highly effective on hard drives, it’s completely ineffective on the increasingly popular flash-based, solid-state drives (SSDs).
Similarly, overwriting is an excellent choice for defined user-accessible areas of magnetic drives, but less so when other circumstances apply.
The guidelines explain:
“One major drawback of relying solely upon the native Read and Write interface for performing the overwrite procedure is that areas not currently mapped to active Logical Block Addressing (LBA) addresses (e.g., defect areas and currently unallocated space) are not addressed.”
As a result, the decisions you make during the setup of your data storage may influence your options for data sanitization down the line. But bear in mind that the NIST 800-88 guidelines stress the importance of letting the confidentiality levels of your data — and not the device type — determine which method you ultimately choose.
Narrowing down the choices
To sum up, NIST recommends the following steps to finding the right path for data sanitization:
- Understand and categorize the information according to confidentiality levels
- Assess the nature of the storage medium
- Weigh the risk to confidentiality
- Determine how the media is to be used in the future. Will it be reused within the organization? Donated? Shredded or otherwise rendered unusable?
2. Understanding the approved methods for NIST 800 data destruction.
NIST 800 data destruction specifies three methods for sanitizing end-of-life data: Clear, Purge, Destroy. Let’s take a closer look at each:
NIST Clear works like this: The NIST Clear method uses standard read/write commands, techniques, and tools to overwrite all user-addressable locations. The Clear pattern for media overwriting should include at least a single write pass with a fixed data value such as all zeros. Most devices support some level of Clear sanitization.
Keep in mind: It may not sanitize data in unmapped physical media.
NIST Purge works like this: NIST Purge applies physical or logical techniques that render Target Data recovery infeasible using state-of-the-art laboratory techniques. The Purge method includes steps, such as:
- Firmware level erasure, including multiple random overwrites that fills the drive’s entire logical capacity, freeze lock removal, and full data sanitization verification.
- Validation as an operational device ready for resale.
- Stored reports that certify and prove the secure erasure of the drive.
Keep in mind: Based on the firmware involved, Purge cannot always be applied to all devices. However, Blancco’s Drive Eraser (the most certified on the market), which we leverage here at GER, supports Purge for most HDD and SSD drives.
NIST Destroy works like this: NIST Destroy overwrites, erases, or physically destroys information (e.g., a cryptographic key), disabling any chance of recovery. It also renders the media incapable of storing data afterward. It can include shredding, incinerating, pulverizing, melting, and other physical techniques.
Keep in mind: Destroy can be appropriate for damaged drives that make other methods ineffective. It may also be the only realistic path for drives that because of age or other factors make them worthless in a resale market. However, in many instances, Purge (or Clear when applicable) is a better choice. Unlike Destroy, Purge extends the life of the device, lets you recoup value in secondary markets, and does not contribute to environmental waste.
Finally, and this is an important point, remember that none of these methods, on their own, meet audit-proof sanitization standards. You need to add one last piece of the puzzle: verification.
3. Verifying the job is complete.
As we said in this blog post: don’t leave without proof of sanitization. First of all, it’s not only the process and final device state that need validation. Other factors have to be included, too, before the job can be declared finished:
- The equipment: Does it operate correctly?
- Staff competencies: Do they have the right skills?
- The results: What do they say?
Finally, you should receive a detailed certificate of NIST 800 data destruction. Each piece of sanitized equipment requires its own certificate, including information like the device serial number and the method and tools used.
Do you have questions about NIST 800 data destruction? Please ask us.
As this post makes clear, your data confidentiality requirements and the type of data storage that needs to be sanitized will help us advise you which method will yield the results you seek.