One of the most fundamental principles of information security is that it’s all about the data. Data in transit or at rest is the primary focus of administrative, physical, and technical safeguards. Security professionals are doing better every day when it comes to protecting information in static production environments. But what happens when magnetic, optical, or semiconductor media is repurposed or retired? In this paper, I define media sanitation and how it fits into an overall security program. Next, I examine how attackers can extract information from electronic media—even after it’s been overwritten. Finally, I explore ways you can protect your organization from attacks—both casual and highly motivated.
This document is in PDF format. To view it click here.