Data recovery | Data management | Electronic Evidence
Proprietary | Kroll Ontrack
How do you handle sensitive data
DATA DESTRUCTION
Data erasure background
Software
Hardware
References
Data erasure tips
DATA ERASURE BACKGROUND
Protect Your Sensitive Information
Increasing volume of data stored
Multitude of media:
» Virtual systems
» USB drives
» Tapes
» Memory cards
» HDD
» Mobile phones
» Cloud
Challenge: Protect Your Sensitive Information. Secure and cost-effective end-of-life destruction of sensitive data and intellectual property.
Avoid potential civil and criminal liability
Around 90% of the world’s data has been generated over the last two years and it will continue to grow exponentially.
What happens when companies mismanage or incorrectly dispose of their data?
“Data breach at online travel firm nets £150k fine from ICO” 24 July 2014
“New Law Could Lead To Fines For Cloud Service Data Breaches” 13 August 2014
“Only 1 in 100 cloud providers meet EU data protection requirements” 12 August 2014
“Personal data stolen from European Central Bank website as ICO issues separate data breach fine” 24 July 2014
Security Risks
Second-hand devices that are sold, reused and recycled can lead to serious personal and corporate data breaches:
54% of second-hand phones still contain personal data, including texts, emails and bank details.
15 of 52 hard drives bought second-hand on eBay contained confidential, personal information.
Sensitive personal data kept by the NHS belonging to thousands of patients was discovered on hard drives sold online.
Regulatory Requirements
The General Data Protection Regulation (2015)
EU member states - one rule for all.
Fines of up to €100 million or 5% of a company’s annual revenue.
The concept of ‘consent’
Transfers abroad – the data controller or processor will need to guarantee data subjects their fundamental rights and safeguards.
The right to be forgotten
IT managers not prepared for European privacy rules
the consequences of the introduction of the new EU General Data Protection Regulation (GDPR), expected in 2016.
The regulation contains a number of far-reaching changes in the areas of data protection and the free movement of personal data. For example, European companies will be obliged to erase personal data on request or when it is no longer being used. Fines for violations range from 250,000 euros for a single case and 0.5 percent of total annual turnover for less serious matters, to fines of 100 million euros or 5 percent of worldwide total annual turnover for serious abuses.
Erasure background
Destroying data is a discipline of its own!
X DEL, SHIFT+DEL and emptying the recycle bin.
X Format. Shredding, sledgehammer. Information still remains on the fragments. A 5 x 5 mm piece can hold the information of a stack of paper as much as 80 meters high.
V Overwriting, provided everything is overwritten.
V Degaussing, provided it is strong enough.
Use of software: key points
• Certified
• Reporting
• Choice of multiple standards
• The software can also handle hard drives with hidden or locked areas. It can unlock and overwrite the HPA (Host Protected Area) and DCO (Device Configuration Overlay).
• The drive can be used again.
Use of hardware: degaussing
Certified
The strength of the magnet
Drive defective
DATA ERASURE SOFTWARE
Software-based erasure (DIY)
Ontrack erasure replaced by Blancco
Extensive reporting
International certification
Various wipe standards
Permanent removal of all data
Hidden & locked data is overwritten
Easy to use
Extensive reporting: Report & Audit
Extensive reporting: Erasure Report
International certification: Recognition
AIVD 2005 Netherlands National Communications security agency
ABW 2005 Polish Internal Security Agency
NSM 2004 Norwegian National Security Authority
HMG Infosec approval 2003 UK Information Security Agency
DIPCOG 2003 UK Defence INFOSEC Product Co-Operation Group
Common Criteria 2011
Swiss Army 2011
NATO 2007
Various wipe standards
• Air Force System Security Instructions 5020
• Bruce Schneier's algorithm
• Germany Standard VSITR
• HMG Infosec Standard No: 5 (baseline) [Note! Certified version 4.8]
• HMG Infosec Standard No: 5 (enhanced) [Note! Certified version 4.8]
• Navy Staff Office Publication (NAVSO P-5239-26) for RLL
• OPNAVINST 5239.1A
• Peter Gutmann's algorithm
• The National Computer Security Centre (NCSC-TG-025)
• U.S. Department of Defence Sanitizing (DOD 5220.22-M)
• US Army AR380-19
• German Standard BSI
• National Security Agency (NSA)
• DoD 5220.22-M ECE
• NIST 800-88/ATA secure erase (+assurance)
• Extended NIST 800-88 (SCSI & ATA extended)
Permanent removal of all data
Permanent removal of all data: SAN wiping
Server or storage migrations
SAN / NAS / DAS
Defective SAN drives
Permanent removal of all data
Guidelines for SSD erasures (Blancco 5 and 4)
Posted by Antti Päivinen on 10.06.2014 10:29
The following guidelines should be carefully followed when erasing an SSD:
• Currently the SSD Erasure Method is only designed to erase SSDs that use the ATA interface and support the firmware based erasure commands. For these drives, the recommended and most thorough erasure standard available in the software is Blancco's SSD Erasure Standard. However, if your erasure policy mandates that a different process should be applied for these drives, other options can be selected but a message will appear on the report highlighting that an SSD was erased.
• If the SSD you are trying to erase does not support the firmware based erasure command(s), or it is not possible to remove the freeze lock, it is not possible to erase the SSD with Blancco's SSD erasure method.
• It is recommended that only one SSD should be erased per machine at a time. The success of the erasure can be affected if two drives are attempted to be erased simultaneously. It is also recommended that only a single drive is attached to the host machine for erasure.
• The whole drive should be erased. Do not erase individual partitions. The use of firmware based erasure commands will not work on partitions on an SSD. The whole drive must be erased when using Blancco's SSD method.
• The SSD should not be connected to the machine through additional pieces of hardware such as USB/FireWire docking stations or PATA/SATA bridges. These could prevent the software’s ability to issue the firmware erasure command, resulting in a failed process. There should also be no instance of a RAID configuration for SSDs being erased. If two SSDs are attached to the host machine, erase a single drive at a time.
• If the SSD is not shown on the drive selection screen, or the erasure process cannot be run due to non-access to firmware based erasure command, one possible solution is to change the SSD's mode from IDE/ATA-mode to AHCI/SATA Native-mode (via the appropriate BIOS/UEFI/EFI settings).
• It is highly recommended that the hard drive's firmware is updated to the latest version.
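An added example, not part of the original slides and not Blancco's software: a pre-flight check for the conditions the guidelines list (native ATA/SATA attachment, firmware erase support, no freeze lock). It assumes a Linux host where the text comes from `hdparm -I /dev/sdX` and the transport from `lsblk -dno TRAN /dev/sdX`; the sample output and the function names are constructed for illustration.

```python
import re

# Constructed sample in the layout `hdparm -I /dev/sdX` prints on Linux
# (illustrative text, not captured from a real drive).
SAMPLE_HDPARM = (
    "ATA device, with non-removable media\n"
    "\tModel Number:       EXAMPLE SSD 256GB\n"
    "Security: \n"
    "\tMaster password revision code = 65534\n"
    "\t\tsupported\n"
    "\tnot\tenabled\n"
    "\tnot\tlocked\n"
    "\t\tfrozen\n"
    "\tnot\texpired: security count\n"
    "\t\tsupported: enhanced erase\n"
    "Logical Unit WWN Device Identifier: 5000000000000000\n"
)

FLAG = re.compile(
    r"\s*(not\s+)?(supported: enhanced erase|supported|enabled|locked|frozen)\s*$")

def security_flags(hdparm_text):
    """Parse the 'Security:' section into {flag: True/False}."""
    flags, in_section = {}, False
    for line in hdparm_text.splitlines():
        if line.startswith("Security:"):
            in_section = True
        elif in_section and line and not line[0].isspace():
            break  # reached the next top-level section
        elif in_section:
            m = FLAG.match(line)
            if m:
                flags[m.group(2)] = m.group(1) is None
    return flags

def erase_blockers(hdparm_text, transport):
    """Return the reasons a firmware-based erase would be refused or fail.

    transport: value of `lsblk -dno TRAN /dev/sdX` ("sata", "usb", ...).
    """
    flags = security_flags(hdparm_text)
    reasons = []
    if transport not in ("sata", "ata"):
        reasons.append("transport is %s, not a native ATA/SATA port" % transport)
    if not flags.get("supported"):
        reasons.append("ATA Security feature set not supported")
    if flags.get("frozen"):
        reasons.append("freeze lock is set")
    return reasons

if __name__ == "__main__":
    print(erase_blockers(SAMPLE_HDPARM, "usb"))
```

An empty list means none of the listed blockers was detected; it does not verify that the erase itself succeeded.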
Easy to use - Blancco Delivery Methods
ISO-image burned to CD
ISO-image delivered via PXE
ISO-image(s) stored to USB
ISO-image packed to MSI
Easy to use: United Erasure
Smartphones & Tablets
PCs & Laptops
Flash Media Storage Devices
Server & Storage Environments
Files & Folders
LUNs & Virtual Machines
Easy to use: Hosted erase
Blancco 5 Advanced View
Views
Pause / Cancel buttons
Advanced view contains more functionality for the operator
Ability to erase drives using different overwrite methods
DATA ERASURE HARDWARE
Hardware-based erasure
Fast: 250 hard drives per hour
Mobile: fits in the trunk of a car and runs on normal mains power
Simple: at the push of a button
Secure: complies with international security standards
Permanent removal: peak of 18,000 Gauss
Ontrack® Eraser Degausser
Degaussing
Before
After
Degausser Service
Onsite or at our location
Hard disks or tapes
Secure disposal
Certified destruction
REFERENCES
References
TIPS
Tips: When disposing of old IT equipment you should:
ensure that the responsibility of asset disposal is assigned to a member of your staff with a suitable level of authority;
complete a full inventory of all equipment that you have marked for disposal;
be clear about what will happen with devices when you no longer need them;
consider the security vulnerabilities associated with each method of disposal;
ensure you delete personal data before recycling devices, so that data is not accessible to others after the device has left your ownership;
be aware that any specialist service provider you use will be considered to be a ‘data processor’ under the DPA;
have a written contract in place between you and the data processor, ensuring that there is an appropriate level of security in place.
Tip: make sure the data is destroyed before it leaves your building
More information: http://www.ontrackdatarecovery.nl/erase-data/
Contact Jaap Jan Visser
Kroll Ontrack Netherlands Holland Office Center | Kruisweg 825c | 2132 NG Hoofddorp | The Netherlands +31 23 567 3030 | Fax: +31 23 567 3031 | Mobile: +31 6 38925560
[email protected] | www.krollontrack.nl http://www.linkedin.com/pub/jaap-jan-visser/16/741/556