Solved

DoD e-mail sanitization

Posted on 2016-08-30
6
25 Views
Last Modified: 2016-09-18
What would be the "least painful" procedure to sanitize an exchange environment? I am writing a procedure but am not finding much about the procedure or tools. I have found information on the guidelines at various government sites. Is there any recommendations on tools that can delete the e-mail and take care of the free space associated with it? I have found shredding software that works for files but not email.

thanks,
0
Comment
Question by:SargentControls
  • 4
  • 2
6 Comments
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 41776714
define: sanitize
define: DOD E-Mail Sanitation
0
 
LVL 1

Author Comment

by:SargentControls
ID: 41776737
DoD 5220.22-M
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 41776784
FYI the current  DoD 5220.22-M has no reference to disk wiping and it has become an urban legend.
So are you absolutely sure about this requirement?
Is there really a requirement to securely wipe deleted email once it has reached it's retention policy?
Do you have this requirement for active databases as well? if the disk is encrypted and before it leaves the organization you run active kill disk or dban on the drive you should be covered.

Exchange has many methods of recovering a deleted mail item. Also this email will exist on the originating and any destination computer.
For instance, many users use their deleted items folder as a holding area for stuff (you can't make something foolproof rule).. once they delete the item from their deleted items folder it may be available in their recoverable items area. There also will be a transaction record in the mailbox log files which will exist until the log is truncated after a backup or is overwritten due to circular logging. The problem is that this item may still be recoverable in a forensic examination of the disk's free space.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 1

Accepted Solution

by:
SargentControls earned 500 total points (awarded by participants)
ID: 41777129
Thanks for your input but was able to find a method to use page zeroing to make the data not accessible.
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 41777150
the data still resides on the disk
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 41803581
it worked for the asker
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
When you have clients or friends from around the world, it becomes a challenge to arrange a meeting or effectively manage your time. This is where Outlook's capability to show 2 time zones in one calendar comes in handy.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question