HP OpenVMS Systems

ask the wizard
Content starts here

disk data declassification? (data remanence, eras

» close window

The Question is:

We are in the process of removing an old VAX 6610 from
our facility.  Due to the nature of the data on the disks
we must "sanitize" them before they are shipped out.
We were successful in cleaning up the data disks, but now
wish to "sanitize" the system disk.  I once (a L-O-N-G
time ago) used the HSC to initialize a disk, but cannot
for the life of me find anything about it, or remember
the process I used.  Can you help?

The Answer is :

  The appropriate data declassification mechanism(s) are -- as you are
  likely well aware -- at the sole discretion of the site security officer.
  The mechanism you apparently remember using was subsequent to the HSC V6.0
  release, the enhanced FORMAT utility -- there are restrictions on the type
  of controller and disk.  And all but the earliest of the DSSI disks have a
  controller-integrated erasure tool that may suffice.
  Disk declassification can range from a simple reinitialization using a
  pattern erasure tool to a technique involving a combination of bulk disk
  degaussing, shredding, and the slagging of the resulting shredded disk.
  The techniques can also depend on the particular model of disk(s) and
  controller(s) involved and available.  As an example, disks that revector
  bad blocks -- as do most disks associated with the particular VAX you
  reference -- will potentially leave classified data among the blocks in
  the bad block table.  These blocks are not accessable to any normal
  host-level disk initialization or erasure tools -- thus most host-level
  pattern erasure tools are not acceptable to most site security officers.
  Degausing can involve coercivity of upwards of 1600 to 1800 Oersted or
  more, depending on the drive platter's particular formulation.  Field
  strengths as high as 3000 to 5000 gauss (or more) may be required.
  The appropriate technique(s) will depend on the risk(s) of exposure as
  defined by the site security officer.  Make no mistake -- data remanence
  is a hassle at secure sites -- given the (lack of) value of the disks
  most likely associated with the VAX in question, shredding and slagging
  may be the easiest and most appropriate approach.
  For further information on this topic, please see the NCSC _DoD Magnetic
  Remanence Security Guideline_, CSC-STD-005-85.  This book is the "Blue
  Book" of the NCSC "Rainbow Books" series.
  Related discussions include (841), (3926), (4286), (4598), (7320).
  Disk bad block handling is discussed in topic (6926).

answer written or last revised on ( 24-JUN-2002 )

» close window