Kissel, et al. 2014 (†716)Kissel, Richard, Andrew Regenscheid, Matthew Scholl, and Kevin Stine. Guidelines for Media Sanitization (National Institute of Standards and Technology, U.S. Department of Commerce: 2014).
- media sanitization (iii): Media sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort. (†1637)
- media sanitization (p.5): Media sanitization is one key element in assuring confidentiality. ... In order for organizations to have appropriate controls on the information they are responsible for safeguarding, they must properly safeguard used media. An often rich source of illicit information collection is either through dumpster diving for improperly disposed hard copy media, acquisition of improperly sanitized electronic media, or through keyboard and laboratory reconstruction of media sanitized in a manner not commensurate with the confidentiality of its information. Media flows in and out of organizational control through recycle bins in paper form, out to vendors for equipment repairs, and hot swapped into other systems in response to hardware or software failures. This potential vulnerability can be mitigated through proper understanding of where information is located, what that information is, and how to protect it. (†1638)
- media sanitization (p.1): The information security concern regarding information disposal and media sanitization resides not in the media but in the recorded information. The issue of media disposal and sanitization is driven by the information placed intentionally or unintentionally on the media. (†1639)