m.roth@5-cent.us wrote:
That may be the case, but the laws and regulations still want that level of security, due to the regular "one of our people lost a laptop/it was stolen, and 7 zillion PII* got stolen!!!"
mark "yes, I am working for the gov't"
the oft-quoted 1995 vintage DoD 5220-22m standard of writing 1010, 0101, 1111, 0000 then repeating three times was deprecated from the 2001 edition of the same document.
the NIST has a document on data destruction, too... http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf where table 2-1 says a single overwrite is quite sufficient on most of today's media...
For truly secure data erasure, shread the drives in a chipper, its faster and cheaper. NIST defines three levels, 'clear', 'purge', and 'destroy'. clear is simply writing a random pattern over the data. 'purge' is degaussing the media, which renders it permanently unusuable with any modern disk, so you might as well grind/incinerate/etc the drives.
I like the bit on page 32 of that document telling the telecommuter how to smash a drive with a hammer if he doesn't have access to proper equipment.