Media sanitization is one key element in assuring confidentiality. Confidentiality is “Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information…” [44 U.S.C., Sec. 3542] “A loss of confidentiality is the unauthorized disclosure of information.” [FIPS-199, Standards for Security Categorization of Federal Information and Information Systems]

Information disposition and sanitization decisions occur throughout the system life cycle. Critical factors affecting information disposition and media sanitization are decided at the start of a system's development. The initial system requirements should include hardware and software specifications as well as interconnections and data flow documents that will assist the system owner in identifying the types of media used in the system. A determination should be made during the requirements phase about what other types of media will be used to create, capture, or transfer information used by the system. This analysis, balancing business needs and risk to confidentiality, will formalize the media that will be considered for the system to conform to FIPS 200, Minimum Security Requirements for Federal Information and Information Systems.

-- National Institute of Standards and Technology, NIST Special Publication 800-88

Computing technologies change rapidly. Users want more powerful but compact devices. New technologies constantly increase processing speed and storage capacity, while decreasing the device size in order to satisfy this demand. These technologies may require new clearing and purging techniques. Advancing technology has created a situation that has altered previously held best practices regarding magnetic disk type storage media. Basically the change in track density and the related changes in the storage medium have created a situation where the acts of clearing and purging the media have converged. That is, for ATA disk drives manufactured after 2001 (over 15 GB) clearing by overwriting the media once is adequate to protect the media from both keyboard and laboratory attack.

-- National Institute of Standards and Technology, NIST Special Publication 800-88

Several factors should be considered along with the security categorization of the system confidentiality when making sanitization decisions. The cost versus benefit of a media sanitization process should be understood prior to a final decision. For instance, it may not be cost-effective to degauss inexpensive media such as diskettes. Even though clear or purge may be the recommended solution, it may be more cost-effective (considering training, tracking, and validation, etc) to destroy media rather than use one of the other options. Organizations can always increase the level of sanitization applied if that is reasonable, and indicated by an assessment of the existing risk. Organizations should consider the following environmental factors. Note that the list is not all-inclusive:

1. What types (e.g., optical non-rewritable, magnetic) and size (e.g., megabyte, gigabyte, and terabyte) of media storage does the organization require to be sanitized?
2. What is the confidentiality of the data stored on the media?
3. Will the media be processed in a controlled area?
4. Should the sanitization process be conducted within the organization or outsourced?
5. What is the anticipated volume of media to be sanitized by type of media?
6. What is the availability of sanitization equipment and tools?
7. What is the level of training of personnel with sanitization equipment/tools?
8. How long will sanitization take?
9. What type of sanitization will cost more considering tools, training, validation, and reentering media into the supply stream?

-- National Institute of Standards and Technology, NIST Special Publication 800-88