|  |
First IBM z/OS Secure Erase Disk Utility to earn Common Criteria EAL2+ Certification
INNOVATION, using the SHARE 2005 Users Group Conference in Boston as a backdrop, is announcing that its FDRERASE V5.4 L50 is the first secure erase disk utility for the IBM z/OS environment to earn a place on the Common Criteria Evaluation and Validation Scheme (CCEVS) Validated Products List for Sensitive Data Protection with a conformance claim of EAL2+.
"FDRERASE today, is the only CC qualified solution available for securely erasing z/OS disks (DASD). We specifically set out designing FDRERASE V5.4 L50 to comply with current US Government guidelines for erasing computer disks and have just received our congratulatory notice on successful completion of a Common Criteria EAL2 Augmented Evaluation from NIAP CCEVS, the validating authority here in the US, explains Thomas J. Meehan, INNOVATION Data Processing Vice President of Advance Technology; adding, we also have concurrence that the erasure technique FDRERASE employs for Secure Erase satisfies the requirements specified in the Assistant Secretary of Defense (ASD C3I) Memorandum, of June 4 2001, on Disposition of Unclassified DoD Computer Hard Drives, the definitive Department of Defense directive on the subject."
According to the CCEVS evaluation description FDRERASE is an application that runs under the IBM z/OS operating system on a mainframe computer that provides two CCEVS security validated disk erasure functions: ERASE and SECUREERASE that overwrite DASD to ensure the risk of residual data remaining, if any, is appropriate with the risk of a person scavenging for that data. FDRERASE also provides a CCEVS security validated audit function enabling a user to confirm that the physical tracks of the DASD have indeed been overwritten sufficiently that no residual information remains. This is the VERIFY function.
"FDRERASE, according to Meehan, has become quite popular with banks, card payment service providers, computer services providers, educational institutions, financial intuitions, government agencies, hospitals, insurance companies and telecommunication companies to securely erase data when leaving a DR site or disposing of disk storage systems. Always the fastest way to securely erase data in these circumstances, CCEVS EAL2+ certification now puts FDRERASE V54 L50 squarely in the forefront when it comes to meeting compliance requirements."
"It is very clear now; commercial as well as government organizations have the same requirements to erase data when leaving a DR site and when disposing of disk storage systems, as they have to protect that data from unauthorized access while it's in their possession." Meehan went on, "you expect DoD (Department of Defense) and NSA (National Security Agency) to have strict rules, but there are also industry guide lines and federal codes, as well as national legislation in this and countries around the world requiring sensitive information be cleared from disks prior to disposal or reuse."
HIPAA (Health Insurance Portability and Accountability Act), requires sensitive information be cleared from equipment and media prior to disposal or reuse. GLBA (Gramm-Leach-Bliley Act) imposes criminal penalties on financial institutions for failing to preserve privacy of current or legacy client financial data. The Payment Card Industry (e.g. MasterCard, Visa, American Express, Diners Card, Discover and JCB) Data Security Standard requires banks, members, merchants and merchants' service providers to have data disposal plans, i.e. purge electronic media so cardholder data cannot be reconstructed.
About FDRERASE Security Functions (ERASE, SECUREERASE and VERIFY)
ERASE
Disk erasures are actually performed by overwriting the stored data to make the original data unrecoverable. ERASE, by default, overwrites each track on a volume once making all data unrecoverable by any normal program running anywhere that has access through the disk control unit or direct access to the disk.
SECUREERASE
Overwrites each track on a volume a minimum of three times. This multiple overwrite process (optionally up to eight overwrites) renders the original data unrecoverable, even by sophisticated laboratory techniques applied to hard drives removed from the control unit.
VERIFY
The audit function VERIFY samples tracks on volumes to insure that they have been erased, verifying a percentage of the volume by default or the entire volume if needed. 22.08.2005, INNOVATION Data Processing
Subscribe to the newsletter | | |
| | | |
