By Daniel Morton, et. al.
Ensuring the privacy and confidentiality of data and that customer media is protected are strategic priorities at CenturyLink. That filters down into our chain of custody procedures when handling or transferring customer media and in our procedures for the sanitization and disposal of media. Here's a shocking observation from the National Institute of Standards and Technology (NIST) Special Publication 800-88, Rev.1 on a leading source of media vulnerability and what is needed to close the gap.
An often rich source of illicit information collection is either through dumpster diving for improperly disposed hard copy media, acquisition of improperly sanitized electronic media, or through keyboard and laboratory reconstruction of media sanitized in a manner not commensurate with the confidentiality of its information. Media flows in and out of organizational control through recycle bins in paper form, out to vendors for equipment repairs, and hot swapped into other systems in response to hardware or software failures. This potential vulnerability can be mitigated through proper understanding of where information is located, what that information is, and how to protect it.
Part 3 of the Data Center series highlights the safety measures in place for digital and non-digital media in a CenturyLink data center. We've limited...