- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Data deletion proof
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-19-2009 06:43 AM
тАО08-19-2009 06:43 AM
We have financial data hosted in third party shared storage.Now we are moving out of the this shared storage and the data is going to be hosted in our own datacenter.But as per Financial Services Authority we should have a certificate/proof that the data is deleted from the shared storage.
Have you guys come across such situation or any tools which comply this?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-19-2009 06:59 AM
тАО08-19-2009 06:59 AM
Re: Data deletion proof
Any ideas will be much appreciated
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-19-2009 07:18 AM
тАО08-19-2009 07:18 AM
SolutionContact the storage service provide and have them issue you a document that says, the contents of all your storage areas have been irrecoverably deleted using whatever tool they prefer to use. And keep that piece of paper for future audits, indefinitely. At this point, if there happens to be a data breach from those records, it is not your or your company's responsibility.
UNIX because I majored in cryptology...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-19-2009 07:33 AM
тАО08-19-2009 07:33 AM
Re: Data deletion proof
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-19-2009 07:46 AM
тАО08-19-2009 07:46 AM
Re: Data deletion proof
Take a hammer to the hard disk and destroy it.
I used to work for NDS, a security company. That is how we made sure the data can not be recovered.
Even a full OS install is something security agencies like the NSA know how to undo.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-19-2009 07:57 AM
тАО08-19-2009 07:57 AM
Re: Data deletion proof
I used to work for NDS, a security company. That is how we made sure the data can not be recovered."
while I agree, I think you're referring to a storage owned by third party, somewhere off-site. If so, SEPS approach won't work.
it sounds like you'll need to find out what the Financial Services Authority considers acceptable as to certification. Then the third party would have to meet that standard.
If I'm correct about an outside source hosting the data, then you might need to pass this to your Legal or Compliance Department, as somebody is going to have to work out what is acceptable removal, whats acceptable as to certifying the required work was done, what certification is acceptable, and what auditing (if any) needs to be done to insure conformance. Lawyers will certainly get involved somewhere. Somebody might have to pay for an independent audit to prove compliance. Then there is always the issue of "backup copies", which the 3rd party would have to destroy as well.