Solved

DoD e-mail sanitization

Posted on 2016-08-30
6
18 Views
Last Modified: 2016-09-18
What would be the "least painful" procedure to sanitize an exchange environment? I am writing a procedure but am not finding much about the procedure or tools. I have found information on the guidelines at various government sites. Is there any recommendations on tools that can delete the e-mail and take care of the free space associated with it? I have found shredding software that works for files but not email.

thanks,
0
Comment
Question by:SargentControls
  • 4
  • 2
6 Comments
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 41776714
define: sanitize
define: DOD E-Mail Sanitation
0
 
LVL 1

Author Comment

by:SargentControls
ID: 41776737
DoD 5220.22-M
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 41776784
FYI the current  DoD 5220.22-M has no reference to disk wiping and it has become an urban legend.
So are you absolutely sure about this requirement?
Is there really a requirement to securely wipe deleted email once it has reached it's retention policy?
Do you have this requirement for active databases as well? if the disk is encrypted and before it leaves the organization you run active kill disk or dban on the drive you should be covered.

Exchange has many methods of recovering a deleted mail item. Also this email will exist on the originating and any destination computer.
For instance, many users use their deleted items folder as a holding area for stuff (you can't make something foolproof rule).. once they delete the item from their deleted items folder it may be available in their recoverable items area. There also will be a transaction record in the mailbox log files which will exist until the log is truncated after a backup or is overwritten due to circular logging. The problem is that this item may still be recoverable in a forensic examination of the disk's free space.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Accepted Solution

by:
SargentControls earned 500 total points (awarded by participants)
ID: 41777129
Thanks for your input but was able to find a method to use page zeroing to make the data not accessible.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 41777150
the data still resides on the disk
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 41803581
it worked for the asker
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
how to add IIS SMTP to handle application/Scanner relays into office 365.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now