Page 746 - StudyBook.pdf
P. 746
730 Chapter 12 • Operational and Organizational Security: Policies and Disaster Recovery
The length of time data is stored can be dictated by legal requirements or cor-
porate decision-making. Using this policy, certain data will be kept for a specified
length of time, so that it can be referred to if needed. For example, a police depart-
ment will retain data related to a case for indeterminate lengths of time, so that it
can be used if a person convicted of a crime appeals, or if questions related to the
case need to be addressed. Contrary to this are medical records, which a doctor’s
office will keep throughout the life of the patient. In other situations, data is kept
for an agreed upon time and then destroyed, as when backed up data is retained for
a year to allow users the ability to restore old data for a specific use.
Retention and storage documentation is necessary to keep track of data, so that
it can be determined what data should be removed and/or destroyed once a spe-
cific date is reached. Such documentation can be as simple as backup logs, which
list what was backed up and when. By referring to the date the data was backed
up, administrators can determine if the necessary period of time has elapsed to
require destruction of this data.
Destruction
When a retention period is reached, data needs to be destroyed.As discussed earlier,
legal requirements or policy may dictate how data is destroyed.This can be done by
using tools (e.g., a degausser that demagnetizes media) or by totally destroying the
information (e.g., by shredding it).When destroying data, it is important to follow
procedures that dictate how information is expected to be destroyed. Even if data is
destroyed on magnetic media, additional actions may be needed to destroy the
media itself. Destroying the hard disks, floppy drives, backup tapes, and other media
on which data is stored ensures that unauthorized persons are unable to recover
data. Standard methods of physically destroying magnetic media include acid, pul-
verization, and incineration.
When destroying data or equipment that is outdated and slated to be destroyed,
it is important that a log is kept of what items have been destroyed, and when and
how the destruction was accomplished.This provides a reference that also serves as
proof that data and equipment were actually destroyed, should anyone request
information on the status of the data or equipment.A log may also be required for
legal or corporate issues, such as when audits of equipment are performed for tax
or insurance reasons.
When destroying equipment and data, it is important that logs, inventory, and
documentation are subsequently updated. Failing to remove equipment from a sys-
tems architecture document and equipment inventory could be misleading and
www.syngress.com
