Please enable JavaScript.
Coggle requires JavaScript to display documents.
2 - Establishing Information and Asset Handling Requirements - Coggle…
2 - Establishing Information and Asset Handling Requirements
Data maintenance
Ongoing efforts to organize and care for data throughout its lifetime
Technical solutions to separate data classes
Air gap: physical security control meaning that systems and cables from the classified network never physically touch systems and cables from the unclassified network.
Manual copy of data to update tools on classified network with USB keys
Unidirectional network bridge
Technical guard solution allowing only marked data to transit
Data Loss Prevention (DLP)
Network DLP: place on the edge of the network to scan all data leaving the organization
Endpoint DLP
Cloud DLP
Data destruction
NIST SP 800-88 Rev. 1: Guides for media sanitization
Sanitization methods
Clearing
Overwrite on existing data several times (most effective = 3 three separate passes: single character repeated, complement and random bytes)
Purging
Repeat the clearing process multiple times
Destroying
Disintegration (pieces of 2mm)
Incineration
Shredding
Pulverizing
Melting
Degaussing
Use a heavy magnetic field to realign magnetic fields in magnetic media (e.g. traditional hard disk drives (HDD), magnetic tape, floppy disk drives BUT NOT SSD/CD/DVD/USB/SD)
Erasing
Simple deletion via the file explorer
Cryptographic erasure
Destroy the cryptographic key