Re: HD destruction

[Jeff Kell <jeff-kell () UTC EDU>]

Ray Bruder wrote:
>    We currently use an outside vendor to destroy our hard drives and
> receive a document of certification this work has been completed.
> Does anyone simply have the HD's scrubbed and receive a certified doc
> and feel this is sufficient?  I was led to believe in the past that you
> can still recover data from scrubbed drives.

I was recently "enlightened" on the current state-of-the-art of drive erasure/wiping/destruction at a SANS Forensics 
class.  It was pointed out that the new NIST standards state:

> NIST SP800-88 - "Studies have shown that most of today's media can be
> effectively cleared by one overwrite."
>
> "Purging information is a media sanitization process that protects
> the confidentiality of information against a laboratory attack.  For
> some media, clearing media would not suffice for purging.  However,
> for ATA disk dries manufactured after 2001 (over 15GB) the terms
> clearing and purging have converged."
>
> http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf

Jeff