V-259892

Discussion

All residual data (data unintentionally left behind on computer media) must be cleared before transitioning from one period/network to the next. Because the equipment is reused, nondestructive techniques are used. According to NIST Special Publication 800-88: Clearing information is a level of media sanitization that would protect the confidentiality of information against a robust keyboard attack. Simple deletion of items would not suffice for clearing. Clearing must not allow information to be retrieved by data, disk, or file recovery utilities. It must be resistant to keystroke recovery attempts executed from standard input devices and from data scavenging tools. For example, overwriting is an acceptable method for clearing media.

Check Content

Verify an automatic capability exists and review documentation to determine if this capability is being implemented before transitioning from one period/network to the next. 

If no automatic capability exists, review organizational documentation to determine if a manual procedure is specified and implemented before transitioning from one period/network to the next. 

Coordinate with the vendor/solutions provider and certifier to verify all residual information is sanitized based on equipment make and model.

If an automatic capability exists and is being implemented, this is not a finding.

If an automatic capability exists but is not being implemented, this is a finding unless a manual procedure is specified and is being implemented.

If a manual procedure is specified and is being implemented, this is not a finding.

If no procedure is specified or none is being implemented, this is a finding.