data sanitization: what, why, when and how?
TRANSCRIPT
Data Sanitization: What, Why, When and How?
Legal and regulatory compliance and the process to get there.
Paul Ristoja, Account Manager, EEU & ME & Africa, Blancco, a division of Blancco Technology Group
What does Blancco do?
Wikipedia’s answer:
Blancco Ltd. is an international data security company that specializes in data erasure and computer reuse management solutions for corporations, governments and computer remarketing companies worldwide.
My answer:
Blancco Group worldwide
Blancco products are valued by thousands of customers in more than a hundred countries.
Data End of Life
“Media sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort.”
Data End of Life - broader definition
• Erasure technology choice
• Process implementation and verification
• Reporting and audit trail
Experts have 2 theories for how top-secret NSA data was stolen, and they're equally disturbing
“Some former agency employees believe that the alleged group behind the leak, the "Shadow Brokers," may have hacked an NSA server that had a top-secret hacker toolkit left there by mistake”.
Example: ‘Regin’ Malware Recovers “Deleted” Files
Regin can conduct a wide range of operations once it infects a system, including screenshot-capturing, taking control of mouse functions, stealing passwords, monitoring network traffic and recovering deleted files.
Data erasure is increasingly important for all corporate and government customers
• National Data Protection Law
• EU General Data Protection Regulation 2015 (GDPR): “Right to Erasure”
• ISO Standard 27001, 27040 etc.
• Sarbanes-Oxley
• HIPAA (Health Insurance Portability and Accountability)
• Credit Card Industry PCI-DSS
Cloud Industry recommendations for all providers
Data Life Cycle
According to the Cloud Security Alliance, it falls to “…the provider to keep that data secure, and when it is deleted, the provider should ensure (or be able to prove) that it is permanently destroyed.”
“Include data end-of-life (erasure) with auditable reporting into your cloud security ecosystem”
Cloud Security Alliance: https://cloudsecurityalliance.org/
National & Updated EU Laws: Increasing Demand on Active Data Retention Policies to Avoid Data Breaches
Global trend
• Increasing laws on data protection
• Tougher penalties and more active enforcements
EU GDPR
• Requires a Data Protection Officer
• Requires auditable procedures and routines to be in place
• Includes the “right to erasure” of data
• Requires active reporting of any data breach
• Could result in up to 4% of global turnover in fines
ISO Information Security Standard
ISO 27001 requires both “Privacy and protection of personally identifiable information” as well as “Secure disposal or re-use of equipment”
“All items of equipment containing storage media shall be verified to ensure that any sensitive data and licensed software has been removed or securely overwritten prior to disposal or re-use.”
• “Top management shall implement the information security policy themselves.”
• “The policy must ensure that all relevant risks are addressed.”
• “Internal audits should regularly verify that all risks are addressed and operational processes are in place.”
Who is responsible: What should be included at least:
Newest ISO recommendations on how to erase and when
Erase on logical and virtual level:
“logical sanitization (see 6.8.1.3) should be used to clear virtualized storage, especially when the actual storage devices and media cannot be determined.”
Also an addition to Encryption:
“Sanitization of media at end-of-use situations is recommended, even when using encryption methods.”
Organizations should maintain a record of sanitization activities to document what media were sanitized, when, how they were sanitized, and the final disposition of the media.
Live Environment Erasure
LUNs and Virtual Machines
• File, daily file erasures
• LUN, daily or logical end of life
• Virtual, daily or VM decommissioning
• Flash, daily or end of life process
Current common process:
• Security policy does not allow drives to leave the data center.
• Expensive contracts with manufacturers to “keep my drive” in place, combined with destruction costs.
Improved process:
• Erase and securely send back drives under warranty.
• Very high cost savings and enhanced auditability.
Some examples:
#1 Break-fix processes
• Cap Gemini erased 2 SANs in the Nordics from Poland through remote erasure.
• When erasure was done, a local recycling company came and picked up the systems for reselling them.
• Cap Gemini got money back instead of spending money on physical destruction.
SAN decommissioning
#2 Planned SAN/Server decommissioning
• Data Entry
• Data Migration within Data Center(s)
• Data Exit
• Disaster recovery exercises
• Test data
• Mergers and acquisitions
#3 Planned Data Migration and DC Consolidation
Target both LUNs and VMs!
• Enable the customer to feel secure that data is erased securely
• Detailed auditable report provided
• Competitive advantage compared to others
• On-demand, integration or automation
#4 Customers terminating Virtual Machines in the IaaS Cloud
• In a layered approach to data security, attacks that are missed by one defensive layer are defeated by another. File erasure represents a last line of defense in protecting your data.
#5 A Layered Data Protection Approach: Including Certified File Erasure
• Most encryption is based on drive encryption and is unlocked while the system is being operated.
• Encryption key management is always a challenge.
• Executive travelers can also be ordered to unlock encryption on laptops when crossing sensitive borders.
Encryption is not enough:
Global Data Erasure Management with reporting
30.000 Server & Storage Systems, PCs and phones, several Data Centers worldwide. A customer for 8 years.
Global Data Erasure Management with reporting
Client equipment and Data Center equipment; Storage and Servers (Windows and Linux). A customer for 2 years.
Global Data Erasure Management with reporting
Implementing a holistic data erasure management solution to cover both internal needs and external customers' needs. ISO 27001 and PCI DSS readiness.
Three Case Studies:
Data Erasure Management
Blancco File, Customer cases
• NATO: Site license to enable selected users within their organization to erase files on a daily basis.
• European Council: 2000 users for installation on workstations where sensitive information is being handled.
• Shell Oil: 2000 users for installation on laptops and workstations where sensitive information is being handled.
• Finnish Defence Force: organizational license for all users across several sites enabling automatic erasure of recycle bin on log out to actively prevent data leaks.