?
Solved

DoD e-mail sanitization

Posted on 2016-08-30
6
Medium Priority
?
33 Views
Last Modified: 2016-09-18
What would be the "least painful" procedure to sanitize an exchange environment? I am writing a procedure but am not finding much about the procedure or tools. I have found information on the guidelines at various government sites. Is there any recommendations on tools that can delete the e-mail and take care of the free space associated with it? I have found shredding software that works for files but not email.

thanks,
0
Comment
Question by:SargentControls
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 41776714
define: sanitize
define: DOD E-Mail Sanitation
0
 
LVL 1

Author Comment

by:SargentControls
ID: 41776737
DoD 5220.22-M
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 41776784
FYI the current  DoD 5220.22-M has no reference to disk wiping and it has become an urban legend.
So are you absolutely sure about this requirement?
Is there really a requirement to securely wipe deleted email once it has reached it's retention policy?
Do you have this requirement for active databases as well? if the disk is encrypted and before it leaves the organization you run active kill disk or dban on the drive you should be covered.

Exchange has many methods of recovering a deleted mail item. Also this email will exist on the originating and any destination computer.
For instance, many users use their deleted items folder as a holding area for stuff (you can't make something foolproof rule).. once they delete the item from their deleted items folder it may be available in their recoverable items area. There also will be a transaction record in the mailbox log files which will exist until the log is truncated after a backup or is overwritten due to circular logging. The problem is that this item may still be recoverable in a forensic examination of the disk's free space.
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 1

Accepted Solution

by:
SargentControls earned 2000 total points (awarded by participants)
ID: 41777129
Thanks for your input but was able to find a method to use page zeroing to make the data not accessible.
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 41777150
the data still resides on the disk
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 41803581
it worked for the asker
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
This video discusses moving either the default database or any database to a new volume.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses
Course of the Month14 days, 4 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question