I would avoid it if full erasure is a strong requirement.īut as usual, the first question is why (what is the risk, the threat and possible consequences).The level of acceptable risk will give you the acceptable solutions. But its drawback is that you have less control on where the actual data from a VM lies. If you do it for all VMs and only store VM disk files on that disk partition, the host OS will never move blocks and the 3 pass wipe at the VM level will actually rewrite all the data from that VM.ĭynamic allocation (not speaking of cloud type management) is much more cool and modern and better supports requirement changes. It is slightly more complex at VM creation, but physical erasure comes smoothly.Ī variant would be to pre-allocate the VM disk files. ![]() A possible way is to give hard disk partitions to the VM instead of just plain files. ![]() If physical erasure of all data that the VM touched if a strong requirement, it should be observed at the low level host. ![]() Throw in the likely possibility that the VM virtual disks may actually reside on a virtual LUN from a RAID array of physical drives in a SAN and Old School goes right out the window. None of this meets Old School remediation standards, but times change and even the government has to change. The ESXi hard drive can have free-space wiped after VM deletion/wiping.ģ Pass Wiping of a VM is just security theater, but it may check bureaucratic boxes. The VM disk file can be manually cleaned and compressed Similarly to the email server, depending upon the severity of the issue: ![]() Instead the affected accounts will be manually sanitized and sometimes if the spill is bad enough, a free-space wipe on the server will be performed. No one is going to wipe the main email server drive due to an individual “ spill”. The same type of issue occurs with an e-mail “ spill”. This answer won’t make you happy because it won’t match government check box security.įirst of all, the 3 Pass Wipe derives from a decades obsolete MFM disk technology that no one uses.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |