Solved

DoD e-mail sanitization

Posted on 2016-08-30
6
27 Views
Last Modified: 2016-09-18
What would be the "least painful" procedure to sanitize an exchange environment? I am writing a procedure but am not finding much about the procedure or tools. I have found information on the guidelines at various government sites. Is there any recommendations on tools that can delete the e-mail and take care of the free space associated with it? I have found shredding software that works for files but not email.

thanks,
0
Comment
Question by:SargentControls
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 41776714
define: sanitize
define: DOD E-Mail Sanitation
0
 
LVL 1

Author Comment

by:SargentControls
ID: 41776737
DoD 5220.22-M
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 41776784
FYI the current  DoD 5220.22-M has no reference to disk wiping and it has become an urban legend.
So are you absolutely sure about this requirement?
Is there really a requirement to securely wipe deleted email once it has reached it's retention policy?
Do you have this requirement for active databases as well? if the disk is encrypted and before it leaves the organization you run active kill disk or dban on the drive you should be covered.

Exchange has many methods of recovering a deleted mail item. Also this email will exist on the originating and any destination computer.
For instance, many users use their deleted items folder as a holding area for stuff (you can't make something foolproof rule).. once they delete the item from their deleted items folder it may be available in their recoverable items area. There also will be a transaction record in the mailbox log files which will exist until the log is truncated after a backup or is overwritten due to circular logging. The problem is that this item may still be recoverable in a forensic examination of the disk's free space.
0
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

 
LVL 1

Accepted Solution

by:
SargentControls earned 500 total points (awarded by participants)
ID: 41777129
Thanks for your input but was able to find a method to use page zeroing to make the data not accessible.
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 41777150
the data still resides on the disk
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 41803581
it worked for the asker
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OnPage: Incident management and secure messaging on your smartphone
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question