> Data Destruction Topics > Media Sanitization Scenarios
DoD Media Sanitization Guidelnes Department of Defense 5220.22M
The National Industrial Security Program, or NISP, is the nominal authority (in the United States) for managing the needs of private industry to access classified information.
A major component of the NISP is the NISP Operating Manual, also called NISPOM, or DoD 5220.22-M. The NISPOM establishes the standard procedures and requirements for all government contractors, with regards to classified information.
In the media sanitization context of this page, however, note that DoD 5220.22-M is often cited as the standard for sanitization to counter data remanence. The NISPOM actually covers the entire field of government-industrial security, of which data sanitization is a very small part (about two paragraphs in a 141 page document). Furthermore, the NISPOM does not actually specify any particular method. Standards for sanitization are left up to the Cognizant Security Authority. The Defense Security Service provides a Clearing and Sanitization Matrix (C&SM) which does specify methods. As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable.
Unrelated to NISP or NISPOM, NIST also publishes Data Sanitization guidelines, which are replacing DoD 5022-M as the prevailing standard for electronic media santization for varying scenarios. You may access the NIST publication below.
ALSO SEE:
