News & Events

July 18th, 2011

Does DataLocker meet NISPOM 8-306, DoD Directive 5220.22M requirements for disc wiping?

The DataLocker wipes or destroys data when the self destruct routine is initiated and when the zeroization or key regeneration routine is initiated. In these cases, the DataLocker deletes all encryption keys making the stored data irretrievable. 

According to DoD 5220.22-M directive dated February 28, 2006

8-301. Clearing and Sanitization.  Instructions on clearing, sanitization and release of IS media shall be issued by the accrediting CSA.  

a. Clearing. Clearing is the process of eradicating the data on media before reusing the media in an environment that provides an acceptable level of protection for the data that was on the media before clearing. All internal memory, buffer, or other reusable memory shall be cleared to effectively deny access to previously stored information.  

b. Sanitization. Sanitization is the process of removing the data from media before reusing the media in an environment that does not provide an acceptable level of protection for the data that was in the media before sanitizing. IS resources shall be sanitized before they are released from classified information controls or released for use at a lower classification level.

The DataLocker’s hardware based encryption and wipe routines fully meet the requirements for clearing data.