Infosec Standard 5

Last updated

HMG Infosec Standard 5, or IS5, is a data destruction standard used by the British government.

Contents

Context

IS5 is part of a larger family of IT security standards published by CESG; it is referred to by the more general Infosec Standard No.1. [1] IS5 is similar to DOD 5220.22-M (used in the USA). [2]

Requirements

IS5 sets a wide range of requirements—not just the technical detail of overwriting data, but also the policies and processes that organisations should have in place, to ensure that media are disposed of securely. IS5 also touches on risk management accreditation, because secure reuse and disposal of media is an important control for organisations handling high-impact data. It's not sufficient just to sanitise media; the sanitisation should also be auditable, and records must be kept. [3]

IS5 defines two different levels of overwriting: [4]

Regardless of which level is used, verification is needed to ensure that overwriting was successful.

Apart from overwriting, other methods could be used, such as degaussing, or physical destruction of the media. With some inexpensive media, destruction and replacement may be cheaper than sanitisation followed by reuse. ATA Secure Erase is not approved. Different methods apply to different media, ranging from paper to CDs to mobile phones.


The choice of method affects reusability. Four different outcomes are considered:

Stricter requirements apply to data with a stronger protective marking or IL. In some cases, media at or above IL4 / CONFIDENTIAL may have to be handled at a secure site, such as a List X site.

Related Research Articles

The Common Criteria for Information Technology Security Evaluation is an international standard for computer security certification. It is currently in version 3.1 revision 5.

Disk formatting is the process of preparing a data storage device such as a hard disk drive, solid-state drive, floppy disk, memory card or USB flash drive for initial use. In some cases, the formatting operation may also create one or more new file systems. The first part of the formatting process that performs basic medium preparation is often referred to as "low-level formatting". Partitioning is the common term for the second part of the process, dividing the device into several sub-devices and, in some cases, writing information to the device allowing an operating system to be booted from it. The third part of the process, usually termed "high-level formatting" most often refers to the process of generating a new file system. In some operating systems all or parts of these three processes can be combined or repeated at different levels and the term "format" is understood to mean an operation in which a new disk medium is fully prepared to store files. Some formatting utilities allow distinguishing between a quick format, which does not erase all existing data and a long option that does erase all existing data.

Data remanence is the residual representation of digital data that remains even after attempts have been made to remove or erase the data. This residue may result from data being left intact by a nominal file deletion operation, by reformatting of storage media that does not remove data previously written to the media, or through physical properties of the storage media that allow previously written data to be recovered. Data remanence may make inadvertent disclosure of sensitive information possible should the storage media be released into an uncontrolled environment.

Records management, also known as records and information management, is an organizational function devoted to the management of information in an organization throughout its life cycle, from the time of creation or receipt to its eventual disposition. This includes identifying, classifying, storing, securing, retrieving, tracking and destroying or permanently preserving records. The ISO 15489-1: 2001 standard defines records management as "[the] field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including the processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records".

The Gutmann method is an algorithm for securely erasing the contents of computer hard disk drives, such as files. Devised by Peter Gutmann and Colin Plumb and presented in the paper Secure Deletion of Data from Magnetic and Solid-State Memory in July 1996, it involved writing a series of 35 patterns over the region to be erased.

In computing, data recovery is a process of retrieving deleted, inaccessible, lost, corrupted, damaged, or formatted data from secondary storage, removable media or files, when the data stored in them cannot be accessed in a usual way. The data is most often salvaged from storage media such as internal or external hard disk drives (HDDs), solid-state drives (SSDs), USB flash drives, magnetic tapes, CDs, DVDs, RAID subsystems, and other electronic devices. Recovery may be required due to physical damage to the storage devices or logical damage to the file system that prevents it from being mounted by the host operating system (OS).

A software factory is a structured collection of related software assets that aids in producing computer software applications or software components according to specific, externally defined end-user requirements through an assembly process. A software factory applies manufacturing techniques and principles to software development to mimic the benefits of traditional manufacturing. Software factories are generally involved with outsourced software creation.

<span class="mw-page-title-main">IT security standards</span> Technology standards and techniques

IT security standards or cyber security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

Anti–computer forensics or counter-forensics are techniques used to obstruct forensic analysis.

Hardware-based full disk encryption (FDE) is available from many hard disk drive (HDD/SSD) vendors, including: ClevX, Hitachi, Integral Memory, iStorage Limited, Micron, Seagate Technology, Samsung, Toshiba, Viasat UK, Western Digital. The symmetric encryption key is maintained independently from the computer's CPU, thus allowing the complete data store to be encrypted and removing computer memory as a potential attack vector.

Data erasure is a software-based method of data sanitization that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by overwriting data onto all sectors of the device in an irreversible process. By overwriting the data on the storage device, the data is rendered irrecoverable.

HMG Information Assurance Standard No.1, usually abbreviated to IS1, was a security standard applied to government computer systems in the UK.

Environmental certification is a form of environmental regulation and development where a company can voluntarily choose to comply with predefined processes or objectives set forth by the certification service. Most certification services have a logo which can be applied to products certified under their standards. This is seen as a form of corporate social responsibility allowing companies to address their obligation to minimise the harmful impacts to the environment by voluntarily following a set of externally set and measured objectives.

IEC 62443 is an international series of standards that address cybersecurity for operational technology in automation and control systems. The standard is divided into different sections and describes both technical and process-related aspects of automation and control systems cybersecurity.

The UK Data Service is the largest digital repository for quantitative and qualitative social science and humanities research data in the United Kingdom. The organisation is funded by the UK government through the Economic and Social Research Council and is led by the UK Data Archive at the University of Essex, in partnership with other universities.

The Government Security Classifications Policy (GSCP) is a system for classifying sensitive government data in the United Kingdom.

"Domain Based Security", abbreviated to "DBSy", is a model-based approach to help analyze information security risks in a business context and provide a clear and direct mapping between the risks and the security controls needed to manage them. A variant of the approach is used by the UK government's HMG Infosec Standard No.1 technical risk-assessment method. DBSy is a registered trade mark of QinetiQ Ltd.

Founded in 2010, ADISA Certification Limited is a certification body for companies that provide IT Asset Disposal services.

Eraser is an open-source secure file erasure tool available for the Windows operating system. It supports both file and volume wiping.

Data sanitization involves the secure and permanent erasure of sensitive data from datasets and media to guarantee that no residual data can be recovered even through extensive forensic analysis. Data sanitization has a wide range of applications but is mainly used for clearing out end-of-life electronic devices or for the sharing and use of large datasets that contain sensitive information. The main strategies for erasing personal data from devices are physical destruction, cryptographic erasure, and data erasure. While the term data sanitization may lead some to believe that it only includes data on electronic media, the term also broadly covers physical media, such as paper copies. These data types are termed soft for electronic files and hard for physical media paper copies. Data sanitization methods are also applied for the cleaning of sensitive data, such as through heuristic-based methods, machine-learning based methods, and k-source anonymity.

References

  1. HMG Infosec Standard No. 1
  2. "Computer Hard Disk Data Destruction" . Retrieved 4 June 2013.
  3. HMG IA Standard No. 5: Secure Sanitisation. Issue 4.0, April 2011
  4. "Software Data Destruction Services" . Retrieved 4 June 2013.