Data Destruction Standards

I was doing some research and put together  a short list of standards for data destruction.

11/8/2012 – Added some additional standards

HARD DRIVE BASED

  • NIST Guidelines for Media Sanitization (Special Publication 800-88) (NIST, Enchanced NIST standard)
  • HIPAA (Health Insurance Portability and Accountability Act)
  • Patriot Act of 2002
  • Sarbanes-Oxley
  • Gramm-Leach-Bliley Act (GLBA)
  • Canadian Royal Mounted Police (RCMP) for listing in the G1-001 Security Equipment Guide (SEG)
  • Canadian RCMP TSSIT OPS-II Standard Wipe
  • Economic Espionage Act
  • NSA/CSS Storage Device Declassification Manual (SDDM) (NSA (Overwrite standard by National Security Agency))
  • U.S. Navy Staff Office Publication NAVSO P-5239-26 (Navy Staff Office Publication NAVSO P-5239-26 for RLL)
  • U.S. Air Force System Security Instruction 5020 (Air Force System Security 5020)
  • U.S. DoD Unclassified Computer Hard Drive Disposition (US Department of Defense Sanitizing)
  • U.S. DoD National Industrial Security Program Operating Manual (DoD 5220.22-M) (DOD 5220.22-M & ECE)
  • German Federal Office for Information Security
  • Communications Security Establishment Canada ITSG-06
  • Australian Government ICT Security Manual
  • Australian Defense Signals Directorate ACSI-33 (X0-PD)
  • Australian Defense Signals Directorate ACSI-33 (X1-P-PD)
  • New Zealand Government Communications Security Bureau NZSIT 402
  • British HMG Infosec Standard 5, Baseline Standard
  • British HMG Infosec Standard 5, Enhanced Standard
  • Peter Gutmann’s Algortihm
  • Bruce Scheier’s Algorithm
  • The National Computer Security Center NCSC-TG-025
  • US Army AR380-19
  • German Standard VSITR
  • OPNAVINST 5239.1A
  • CIS GOST P50739-95
  • GB HMG Infosec Standard #5 Baseline
  • GB HMG Infosec Standard #5 Enhanced
  • FACTA Standards

FLASH BASED

  • NAVSO P-5239-26 (TOP SECRET) for SSD
  • NAVSO P-5239-26 (SECRET or CONFIDENTIAL) for SSD
  • US Department of Defense Sanitizing DOD 5220.22-M for SSD
Advertisements

About datalossguru

I am a data recovery engineer by trade, attorney by license, husband, father and coach by choice.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s