NIST SP 800-88 Revision 2, “Guidelines for Media Sanitization,” provides comprehensive instructions on securely removing data from electronic media to render access to the information infeasible, regardless of the effort applied to recover it. The guideline details three primary sanitization methods: “Clear,” which overwrites user-accessible storage to protect against casual retrieval; “Purge,” which applies advanced techniques such as cryptographic erase or block erasure to thwart sophisticated laboratory attacks; and “Destroy,” which physically renders media unusable via methods like shredding or incineration, ensuring data is unrecoverable. It further outlines how media sanitization processes should be integrated into organizational policies, including verification practices, security categorization of information, device-specific considerations, and proper documentation for compliance with privacy standards.
Publication's URL
https://csrc.nist.gov/pubs/sp/800/88/r2/finalAdditional documents on this topic
- CISA Principles for the Secure Integration of Artificial Intelligence in Operational Technology
- NIST IR 8349 Methodology for Characterizing Network Behavior of Internet of Things Devices
- CIS Controls Internet of Things Companion Guide ★★★★★
- NIST ZTA Component mapping to NIST CSF and Controls
- NIST SP 1800-35 Implementing a Zero Trust Architecture
I appreciate the clear explanation of Clear and Purge methods—do you think most teams choose the right sanitization level for their data?