Solved

DoD e-mail sanitization

Posted on 2016-08-30
6
29 Views
Last Modified: 2016-09-18
What would be the "least painful" procedure to sanitize an exchange environment? I am writing a procedure but am not finding much about the procedure or tools. I have found information on the guidelines at various government sites. Is there any recommendations on tools that can delete the e-mail and take care of the free space associated with it? I have found shredding software that works for files but not email.

thanks,
0
Comment
Question by:SargentControls
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 41776714
define: sanitize
define: DOD E-Mail Sanitation
0
 
LVL 1

Author Comment

by:SargentControls
ID: 41776737
DoD 5220.22-M
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 41776784
FYI the current  DoD 5220.22-M has no reference to disk wiping and it has become an urban legend.
So are you absolutely sure about this requirement?
Is there really a requirement to securely wipe deleted email once it has reached it's retention policy?
Do you have this requirement for active databases as well? if the disk is encrypted and before it leaves the organization you run active kill disk or dban on the drive you should be covered.

Exchange has many methods of recovering a deleted mail item. Also this email will exist on the originating and any destination computer.
For instance, many users use their deleted items folder as a holding area for stuff (you can't make something foolproof rule).. once they delete the item from their deleted items folder it may be available in their recoverable items area. There also will be a transaction record in the mailbox log files which will exist until the log is truncated after a backup or is overwritten due to circular logging. The problem is that this item may still be recoverable in a forensic examination of the disk's free space.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 1

Accepted Solution

by:
SargentControls earned 500 total points (awarded by participants)
ID: 41777129
Thanks for your input but was able to find a method to use page zeroing to make the data not accessible.
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 41777150
the data still resides on the disk
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 41803581
it worked for the asker
0

Featured Post

Are Your IoT Devices Out to Get You?

IoT business is booming, with manufacturers connecting any and every “thing” to the Internet. But as pressure grows to release new products faster and faster, we’re all left to wonder: is security a priority? Join our webinar on June 29th for the answer.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
Liquid Web and Plesk discuss how to simplify server management with a single tool  in their webinar.
This video discusses moving either the default database or any database to a new volume.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question