FDRERASE/OPEN a 'Secure Erase Utility for Enterprise Disk' earns US Government EAL2+ Certification.LITTLE FALLS, N.J. -- INNOVATION, using the SHARE 2008 Users Group Conference in Orlando as a backdrop, is announcing that FDRERASE/OPEN and FDRERASE for z/OS both earn US Government EAL2+ Certification for secure erasure of open systems and z/OS sensitive data. FDRERASE/OPEN and FDRERASE for z/OS meet US Government standards for purging and sanitizing large amounts of data on EMC (1) (EMC Corporation, Hopkinton, MA, www.emc.com) The leading supplier of storage products for midrange computers and mainframes. Founded in 1979 by Richard J. Egan and Roger Marino, EMC has developed advanced storage and retrieval technologies for the world's largest companies. , HDS and IBM disk storage systems. FDRERASE quickly and safely erases data from disks prior to disposal, reallocation or following a disaster recovery test and provides full verification of results and reports to auditors for review. "FDRERASE, in the combination of FDRERASE/OPEN and FDRERASE for z/OS, is the only US Government and international CCEVS See Common Criteria. certified data protection solution for the fast, secure and verifiable removal of all accessible data from enterprise disk systems shared by z/OS mainframe and open system servers. Joining FDRERASE for z/OS and FDRERASE/OPEN users now have a way to remove critical privileged financial and personal identity information from enterprise disk storage they might be disposing of, repurposing and especially important a way of scrubbing that information before leaving a DR site that is US Government (CCEVS) certified, said Thomas J. Meehan, INNOVATION Data Processing Vice President Advancing Technology. Having just received notice on successful completion of our EAL2+ from NIAP See Common Criteria. CCEVS, the validating authority here in the US, Meehan explains, FDRERASE/OPEN complies with all current US Government guidelines for erasing computer disks and employs Secure Erase techniques that satisfy the (ASD C3I) Memorandum, on Disposition of Unclassified DoD Computer Hard Drives, the definitive US Department of Defense directive on the subject." "PCIDSS PCIDSS Payment Card Industry Data Security Standards (Payment Card Industry Data Security Standard), HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, (Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when ), GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve (Gramm-Leach-Bliley Act) and other privileged information and personal identity protection regulations require banks, card payment service providers, computer services providers, educational institutions, financial intuitions, government agencies, hospitals, insurance companies, telecommunication and a host of others to have data disposal plans. Consequently, according to Meehan, FDRERASE is already quite popular with organizations that must comply with these data protection regulations as they have a responsibility to securely erase disks when disposing of them, repurposing systems and, of increasing concern, on leaving a DR site. FDRERASE is always going to be the fastest way to securely erase specific disk volumes." Meehan adding "now that FDRERASE/OPEN, which comes complete with History Reports that document erase and verification to satisfy the most stringent requirements, has government certification it is a user's top choice when it comes to meeting compliance requirements on open systems, just as FDRERASE for z/OS is for mainframe storage". About FDRERASE/OPEN Security Functions (ERASE, SECUREERASE and VERIFY) FDRERASE/OPEN A GUI application and its supporting operating system, FDRERASE/OPEN runs on an x86 architecture computer to provide US Government (CCEVS) certified security functions for ERASE and SECURE ERASE of data from SCSI SCSI in full Small Computer System Interface Once common standard for connecting peripheral devices (disks, modems, printers, etc.) to small and medium-sized computers. SCSI has given way to faster standards, such as Firewire and USB. and Fibre direct and SAN attached enterprise disk storage systems. VERIFY, its US Government (CCEVS) certified audit function, enables users to confirm that disks have indeed been overwritten sufficiently that no residual information remains. FDRERASE/OPEN ensures the risk of residual data remaining on an open systems volume, if any, is at a level of protection appropriate to match the risk of someone scavenging for privileged and personal information being able to recover that data. FDRERASE/OPEN provides: ERASE Disk erasures are performed by overwriting Overwriting An options strategy that involves the sale of call or put options on stocks that are believed to be overpriced or underpriced. The options are not expected to be exercised. Notes: Also referred to as overriding. stored data to make it unrecoverable. ERASE, by default, overwrites each track on a volume once making its data unrecoverable by any program that accesses data from a disk storage system or through a disk control unit. SECUREERASE Overwriting each track on a volume a minimum of three times in accordance with DoD specifications, this multiple overwrite (1) A data entry mode that writes over existing characters on screen when new characters are typed in. Contrast with insert mode. (2) To record new data on top of existing data such as when a disk record or file is updated. process (optionally up to eight overwrites) renders disk data unrecoverable, even by programs applying sophisticated laboratory techniques to hard drives removed from a disk storage system or by direct access to the disk. VERIFY The FDRERASE/OPEN EAL2+ certified audit function VERIFY samples tracks on a disk to insure that they have been erased, verifying a percentage of the volume by default or the entire volume as needed. CCEVS Security Evaluation Summary The evaluation of FDRERASE/OPEN was carried out by Science Applications International Corporation (SAIC SAIC - http://saic.com. ) in accordance US Government requirements and the international Common Criteria Evaluation and Validation Scheme (CCEVS) for an assurance level EAL 2 augmented with ALC (Assembly Language Coding) A generic term for IBM mainframe assembly languages. 1. ALC - Assembly Language Compiler. 2. ALC - Airline Line Control. _FLR. FDRERASE/OPEN earning the right to display the international Common Criteria Recognition Arrangement (CCRA CCRA Canada Customs and Revenue Agency CCRA Common Criteria Recognition Arrangement CCRA Campus Computer Resellers Alliance CCRA Certified Clinical Research Associate CCRA Commercial Credit Reference Agency CCRA California Court Reporters Association ) certification mark (interlocking CC on globe), results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (CCEVS-VR-VID10232-2008, dated 29 January 2008) located at http://niap-ccevs.org/cc-scheme/st/index.cfm/vid/10232 About INNOVATION Data Processing A leading independent software vendor, INNOVATION Data Processing provides non-disruptive, high performance, business data protection, business continuance and privileged information protection solutions for enterprise scale mainframe z/OS, Linux on System z, Linux, Windows, and UNIX UNIX Operating system for digital computers, developed by Ken Thompson of Bell Laboratories in 1969. It was initially designed for a single user (the name was a pun on the earlier operating system Multics). storage that improve business resiliency for customers' worldwide. Further information on INNOVATION Data Processing is available at. http://www.innovationdp.fdr.com About CCEVS The National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme (NIAP CCEVS) Validation Body, is an activity jointly managed by the US National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST) and the US National Security Agency (NSA) for the evaluation of information technology products for conformance to the International Common Criteria for Information Technology Security. Further information on CCEVS is available at http://niap.nist.gov/cc-scheme/index.html About Science Applications International Corporation (SAIC) SAIC is an NIAP approved Common Criteria Testing Laboratory A Common Criteria Testing Laboratory (CCTL) is an information technology (IT) computer security testing laboratory that is accredited to conduct IT security evaluations for conformance to the Common Criteria international standard. (CCTL) accredited accredited recognition by an appropriate authority that the performance of a particular institution has satisfied a prestated set of criteria. accredited herds cattle herds which have achieved a low level of reactors to, e.g. to conduct IT security evaluations for conformance to the international Common Criteria. Further information on SAIC is available at http://www.saic.com/ FDRERASE/OPEN and FDRERASE for z/OS are service marks, trademarks and/or registered trademarks of Innovation Data Processing Corporation. IBM and z/OS are trademarks or registered trademarks of International Business Machines Corporation. All other service marks, trademarks or registered trademarks are the property of their respective owners. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion