www.DataSecurityInc.com 1-800-225-7554 sales@telesis-inc.com

Overview

For more than 27 years Data Security Inc. has been manufacturing degaussers to support the Department of Defense (DoD) requirements for complete erasure of classified or sensitive magnetic storage devices. Data Security Inc.'s main focus is to develop and manufacture high performance degaussers and hard drive destruction devices that guarantee the complete erasure of data stored on existing and future magnetic data storage formats.

Because of Data Security's continuing focus on meeting National Security Agency (NSA) standards, we have developed a close working relationship with them. This relationship gives us insight into current and future media formats, as well as the various requirements for sanitizing them.

Degaussers listed in the NSA Evaluated Products List-Degausser are ideal tools for organizations required to comply with DoD requirements, NISPOM, National Institute of Standards and Technology (NIST), Federal Information Security Management Act (FISMA) and privacy legislation, including the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA).

© 2010 Data Security, Inc.

Data at Risk

Data at Risk:
• Classified or Sensitive DoD
• Defense Contractors
• Proprietary Information
• Personal Identity Information: SSN, Banking, Health care information

Media at Risk:
• Desktop Hard Drives
• Laptop/Notebook Hard Drives
• HDDs in storage arrays
• Server Drives
• External USB Drives
• Firewire Drives
• USB Devices
• Magnetic Tapes
• Flash Cards
• CD & DVD

Acquisition Methods:
• Dumpster Diving
• Acquiring improperly sanitized electronic media
• Laboratory reconstruction
• Hot Swapped Media
• Media in Transport
• Theft

"Developing countries do not have enough funding to catch up to developed countries, so they steal information and technology." – FBI

"Identity theft costs $50 billion/year." – Federal Trade Commission
Data at Risk – In the News

Electronic Afterlife: What you don't want to know about improper computer disposal, but should
Hundreds of thousands of tons of E-waste are shipped overseas to developing countries each year, even after promises that the waste will be safely and locally recycled. Many of the countries receiving our E-waste are listed by the U.S. Department of State as the top sources of cyber crime.
– Peter Klein, "Digital Dumping Ground" Documentary (2009)

PA: Health Insurer Loses Hard Drive Comprising 280,000 Medicaid Patients
Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan announced that a hard drive containing the personal health information has been misplaced. Yet to be recovered, the drive contains patient addresses, DOBs, health information, and both full and partial Social Security numbers.
– Jane M. Von Bergen, The Philadelphia Inquirer (October 2010)
http://www.philly.com/inquirer/business/20101020_Health_insurers_say_data_on_280_000_Pennsylvania_clients_may_be_compromised.html

TX: Stolen Hard Drive Compromises 79,000 Airline Employees
American Airlines reported a hard drive stolen from headquarters. The drive contains sensitive files for current and former employees dating back to 1960, including Social Security numbers, health insurance, and bank accounts. Some employee files also contained information on beneficiaries and dependents.
– Angela Moscaritolo, SC Magazine (July 2010)
http://www.scmagazineus.com/american-airlines-hard-drive-stolen/article/174254/

NJ: Data Breach Costs Credit Card Payment Company $130 Million
After agreeing to a $60 million settlement with Visa earlier in the year, Heartland Payment Systems has added another $41 million for MasterCard as the result of a 2008 data breach which resulted in thousands of fraudulent charges.
– (June 2010) http://destructdata.com/blog/
Regulatory Environment

• The NIST "Guidelines for Media Sanitization" refer to the NSA for products to sanitize magnetic media.
  NIST Special Publication 800-88, pg 12-21
• The HIPAA Security Rule (SR) requires the final disposition of information and of the hardware or electronic media on which it is stored; HIPAA refers to NIST/NSA.
  Department of Health & Human Services, HIPAA § 164.310 Physical safeguards; Final Rule
• Under the HITECH Act ("The Act"), business associates are now directly "on the compliance hook," i.e. required to comply with the Security Rule (SR) or be fined for willful neglect ($250,000 per fine).
  HITECH Act Sec. 13401. Application of Security Provisions and Penalties to Business Associates of Covered Entities; Annual Guidance on Security Provisions
• The Gramm-Leach-Bliley (GLB) Act requires financial institutions to ensure the security and confidentiality of personal information obtained from their customers by erasing, degaussing or destroying electronic media.
  GLB Act, 15 U.S.C. 6081 et seq., and the Federal Trade Commission's Standards for Safeguarding Customer Information, 16 CFR Part 314 "Safeguards Rule"
• The Payment Card Industry (PCI) Data Security Standard directs that media containing cardholder data be destroyed when it is no longer needed, as follows: Render cardholder data on electronic media unrecoverable so that cardholder data cannot be reconstructed (for example, degaussing).
  PCI DSS Requirements and Security Assessment Procedures, V1.2.1 pg 46

[Slide: ISFO Process Manual Rev. 3 2011.1, page 152]

[Slide: ISFO Process Manual Rev. 3 2011.1, page 151]
Note: The terms "Type I-III" are being replaced by the actual media coercivity rating.

Degausser Dictionary

de·gauss (d-gous) tr.v. de·gaussed, de·gauss·ing, de·gauss·es
1. To neutralize the magnetic field of (a ship, for example).
2. To erase information from (a magnetic disk or other storage device).
Gauss: the CGS unit of magnetic flux density or magnetic induction.

Oersted: the CGS unit of magnetic field strength. The magnetic field produced at the center of a solenoid or coil… A magnetic field strength of one Oe is equivalent to a magnetic flux density of one gauss.

Coercivity: the amount of applied magnetic field required to reduce magnetic induction to zero… Coercivity is usually measured in Oersted…

Previous NSA Test Procedure

[Slide: Previous NSA Test Procedure]

Current NSA Test Procedure

Center for Magnetic Recording Research at the University of California, San Diego (CMRR)

Guarantee that no data can be recovered by any means, including laboratory attack.

Test degaussers:
• Strength
• Uniformity
• Potential useful life
• Stress test (durability)

Test media:
• Coercivity of media
• Guaranteed erasure
• Uniformity of degausser field

[Slide: Current NSA Test Procedure, HD-5T with a 5000 Oersted disk: before and after]

DoD Data Recovery Methods

Disk:

Spin-Stand Testers
• Used for testing and experimenting with heads and disks
• Used mostly for R&D
• Tester writes specific data or servo pattern
• Very accurate for analyzing raw disks
• Reading a disk that has been written by a drive is more challenging
• Not cost-effective for routine data recovery

Magnetic Force Microscopes (MFM)
• Best tool for analyzing magnetic data on disks
• Provides extraordinary imagery of disk topology and magnetic properties
• Probe is placed on the disk surface
• Time consuming
• Excellent tool for reading overwritten data
• Overwritten tracks leave portions of previously written data due to head shift:
  • Physical movement of drive
  • Age of disk drive
  • Deteriorating lubricants
• Current technology used by the NSA

Tape:

Ferrofluidic Imaging
• Liquid which becomes strongly polarized in the presence of a magnetic field
• Composed of nanoscale ferromagnetic particles suspended in a carrier fluid, usually an organic solvent or water
• Tape tracks are made visible by coating the tape with a ferrofluid, which develops the magnetic pattern

Commercial Data Recovery Methods

Disk: Assess Disk Drive
• Operational: Mirror data; Create raw image to new media
• Component Failure: Replace defective components; Mirror data; Create raw image to new media
• Logical/Software Failure: Examine raw image at the low-level data sectors; Apply fixes to file system structure; Access data; Restore data

Tape: Assess Tape Media
• Operational: Test accessibility with lab equipment
• Component Failure: Clean, splice and re-spool into new cartridge; Create raw image from readable portions
• Examine low-level data sectors; Determine tape fixes to format structures; Access data; Restore data

NSA/CSS Evaluated Products List-Degausser

Introduction

The EPL-Degausser (Evaluated Products List – Degausser) specifies the model identification of current equipment units that were evaluated against and found to satisfy the requirements for erasure of magnetic storage devices that retain sensitive or classified data. Degaussers listed in this document are rated by the coercivity of the magnetic storage devices they can securely erase (tape and disk storage devices). Tape storage devices are defined as any product that contains magnetic tape as the recording medium. Disk storage devices are defined as any product that contains a flexible or rigid disk as the recording medium. Proper use of this equipment is necessary to prevent inadvertent disclosure of any level of classified or sensitive information. Any questions about equipment operations should be directed to the manufacturer.

Media Specifications

[Slide: Hard Drive Coercivity Chart]
Disk Recording

Longitudinal Recording
• Each bit of information is represented by a collection of magnetized particles.
• North and south poles are oriented in one direction or the other, parallel to the disk's surface, in a ring around its center.

Perpendicular Recording
• Poles are arranged perpendicular to the disk's surface.
• More bits can be packed onto a disk.

NSA/CSS Evaluated Products List-Degausser

9. Standalone Degaussers: These are standalone electromagnetic degaussers that provide automatic one pass operation for disk and tape storage device erasure. On hard disk drives, all extraneous steel shielding materials (e.g., cabinets, casings, and mounting brackets), but not the hard disk assembly, must be removed before degaussing. The degaussers must be operated at their full magnetic field strength. The erasure of hard disk drives causes damage that prohibits their continued use.

[Slide: NSA/CSS Evaluated Products List-Degausser]

HD-5T Degausser and DB-4000 Disk Drive Bender DUO

Key Features:
• Listed on the National Security Agency (NSA) Evaluated Products List-Degausser (EPL-Degausser) NSA/CSS-EPL-9-12A.
• Meets all NSA, DoD, state, federal, financial and health care regulations, mandates and security guidelines.
• Simple, automatic operation; designed for reliability, performance, and operator safety.
• Fast; a combined cycle time of 44-69 seconds per cycle with a throughput of 82-327 drives per hour.
• Unique, internal Field CheckR provides magnetic field verification of the HD-5T degausser and satisfies requirements for degausser testing.
• With the largest chamber in an automatic destruction device, the DB-4000 accommodates oversized media as well as multiple pieces per cycle.
• Compact, lightweight and mobile; the optional cart provides the convenience of combining the degausser and destruction device in one place while providing effortless mobility.
• Built to last; requires no preventative maintenance or expensive repairs.

HPM-2 Degausser and DB-6000 Disk Drive Bender DUO

Key Features:
• Listed on the National Security Agency (NSA) Evaluated Products List-Degausser (EPL-Degausser) NSA/CSS-EPL-9-12A.
• Meets all NSA, DoD, state, federal, financial and health care regulations, mandates and security guidelines.
• Fast; a combined cycle time of 18-22 seconds per cycle with a throughput of 200-800 hard drives per hour.
• Environmentally friendly solution; manual operation requires no electricity.
• DB-6000 destruction device allows a choice of power sources: a manual handle or the added speed and efficiency of a cordless drill (drill not included).
• Compact, lightweight and mobile; the optional cart provides the convenience of combining the degausser and destruction device in one place while providing effortless mobility.
• Built to last; requires no preventative maintenance or expensive repairs.

Degausser Testing

Evaluated Products List-Degausser

The EPL (Evaluated Products List) – Degausser specifies the current models of commercial equipment that satisfy NSA/CSS requirements for erasure of magnetic storage devices retaining any level of classified or sensitive data. Listing on the EPL-Degausser does not constitute endorsement of the product by the USG or NSA/CSS; it only states that the evaluated degausser has met the applicable NSA/CSS performance requirements. Neither does the listing guarantee continued performance; customers should have their equipment re-tested periodically according to the manufacturer's recommendations.

ISFO Process Manual Rev. 3 2011.1, page 150-151

Degaussers should be tested periodically using the timetable established by DSS and NSA. The degausser must be tested within six months after the initial "new" purchase, or immediately if purchased used.
Even products on the EPL must be re-tested twice a year for the first two years, then once a year thereafter. If the results are marginal, the degausser must be re-tested within six months.

Field CheckR

Key Features:
• Listed in the National Security Agency Evaluated Products List-Degausser.
• Instantly verifies the magnetic field of any degausser.
• Designed to allow users to test more often than annually or biannually.

Commercial Degaussers

• Not listed in the NSA EPL-Degausser.
• Magnetic field is not strong enough.
• General rule: the Gauss (Oersted) applied to the media must be 2x the media's coercivity.
• Advertised Gauss is measured at the core.
• Magnetic fields dissipate very rapidly from the magnetic core.
• Disks located in the center of the HDD and at the top of the HDD are subjected to fields much weaker than the coercivity of the media.

Storage

• Excess media storage is a security risk.
• Additional inventory of excess media requires additional administrative procedures, storage space and labor to control.
• Without adequate storage or sanitization procedures, classified magnetic media is often stored in obscure locations (behind bookshelves, false bottoms in desk drawers), increasing the risks associated with storing classified information.
• Media with large storage capacity and small physical size can be easily removed by employees (e.g., LTO III 400 GB, SDLT II 300 GB, VXA 160 GB).

Overwrite Challenges

[Slide: Overwrite Challenges]

Destruction: Paper, Optical, Key Tape, HDD after Degaussing

The National Security Agency (NSA) provides Media Destruction Guidance.
http://www.nsa.gov/ia/guidance/media_destruction_guidance/index.shtml

The NSA has determined that High Security Disintegrators listed on the Evaluated Products List provide adequate security for the destruction of paper, optical media (CDs and DVDs), and punched tape as annotated on the EPL.
For destroying paper only, a list of evaluated High Security Crosscut Paper Shredders is available. For sanitizing magnetic media, a list of evaluated degaussers is available.

NSA Guidance: "it is highly recommended that the hard disk drive be physically damaged prior to release." (NSA/CSS 9-12 Storage Device Declassification Manual)

NSA Evaluated Products List – HDD Destruction Devices, post degaussing, pending publication.

The Department of the Navy's Processing of Magnetic Hard Drive Storage Media for Disposal says all DoN-owned magnetic hard drive storage media will remain in DoN custody until degaussed and destroyed. Destruction can be as simple as bending the hard drive. (DON CIO Privacy Term, August 5, 2010)

Destruction After Degaussing

• Punched: least secure
• Folded: NSA preferred physical destruction method
• Shredded: time consuming, expensive, and equipment requires frequent repairs

Destruction: Solid State Media

NSA Guidance: Destruction to 2 mm particle size

SSMD-2mm

Key Features:
• Meets National Security Agency (NSA) and Department of Defense (DoD) specification for the destruction of solid state media and optical media to 2 mm.
• Unique dual stage disintegration process destroys solid state storage media (memory cards, memory boards, thumb drives, cell phones, tablets, solid state drives) and optical media (CDs, DVDs, Blu-Ray disks).
• Simple, automatic push button operation, designed for reliability, performance, and operator safety.
• Senses and automatically adjusts to clear and prevent jams.
• Parts are designed for reuse, and easily rotate for an additional use, resharpening or quick replacement.
• Compact and clean, ideal for any setting, including offices.

Data Security, Inc.
Contact us: 800-225-7554
729 Q Street, Lincoln NE 68508
datasecurityinc.com
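The Commercial Degaussers slide above gives the rule of thumb that the field applied to the media must be 2x its coercivity, and warns that the advertised figure is measured at the core while the platters sit in a weaker field. The following added example (not code from Data Security Inc. or from any standard) applies that rule to the weakest measured reading across the chamber rather than the advertised core figure, and derives an EPL-style coercivity rating from it; all media coercivities and degausser readings are constructed sample values, not a real coercivity chart or product ratings.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Slide rule of thumb: the field applied to the media must be 2x its coercivity.
SAFETY_FACTOR = 2.0


@dataclass(frozen=True)
class Media:
    name: str
    kind: str            # "disk" or "tape"; the EPL rates the two separately
    coercivity_oe: int   # Oersted


@dataclass(frozen=True)
class Degausser:
    name: str
    advertised_core_oe: int                 # brochure figure, measured at the core
    measured_at_media_oe: Tuple[int, ...]   # readings where the platters actually sit

    def effective_field_oe(self) -> int:
        # The media only gets the weakest point of the chamber, not the core figure.
        return min(self.measured_at_media_oe)

    def max_rated_coercivity_oe(self) -> float:
        # EPL-style rating: the highest coercivity this unit can securely erase.
        return self.effective_field_oe() / SAFETY_FACTOR


def naive_can_erase(d: Degausser, m: Media) -> bool:
    # What a buyer concludes from the advertised core figure alone.
    return d.advertised_core_oe >= SAFETY_FACTOR * m.coercivity_oe


def can_erase(d: Degausser, m: Media) -> bool:
    # Decision based on the field the media actually experiences.
    return d.effective_field_oe() >= SAFETY_FACTOR * m.coercivity_oe


def erasure_report(d: Degausser, media: List[Media]) -> Dict[str, bool]:
    return {m.name: can_erase(d, m) for m in media}


# Constructed sample values (not a real coercivity chart or product ratings).
SAMPLE_MEDIA = [
    Media("desktop HDD (constructed)", "disk", 2500),
    Media("high-coercivity test disk (constructed)", "disk", 5000),
    Media("data cartridge (constructed)", "tape", 1800),
    Media("legacy floppy (constructed)", "disk", 700),
]
# Strong at the core but falls off quickly across the chamber.
UNIT_A = Degausser("unit A (constructed)", 12000, (11000, 3500, 2800))
# Lower core figure but uniform across the chamber.
UNIT_B = Degausser("unit B (constructed)", 9000, (9000, 8500, 8200))
```

For unit A the advertised 12000 Oe passes every sample medium under the naive check, while the 2800 Oe the platters actually see clears only the 700 Oe floppy.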