Nearly all of the digital devices with which we come into contact on a daily basis include some type of disk drive for data storage. These digital devices range not only from our mobile phones, digital cameras, desktop and laptop computers, but also include printers and copiers. More specifically your wide format technical document systems likely contain a disk drive as part of its controller. These disk drives are used as a temporary repository for spooling and processing data – your wide format print, copy, and scan jobs. Such drives are susceptible to data remanence, which is the residual representation of data that remains even after attempts have been made to erase the respective data. Data remanence can inadvertantly make sensitive data available if drives are available in or released to an uncontrolled environment.

Today, data-sensitive environments are no longer limited to defense agencies, power generation consultancies, and related contractors but can include any enterprise that places a high value on its intellectual property. These environments require specific security precautions integrated into network devices, including wide format printing systems, to be considered for implementation. This requirement is to ensure the security and integrity of digital information assets in workplaces highly sensitive to confidentiality.

Security breaches can occur when documents are not disposed of properly. This is not only limited to hard copy documents but also electronic data. To satisfy the increasing need for greater document security, look for wide format systems that are equipped with electric data shredding (also known as e-Shredding or data image overwrite) functionality to counter data remanence by preventing recovery of previously printed, scanned, and copied documents.

E-Shredding is a term used to describe electronic data scrubbing by making a comparison with paper document shredding. It is used in applications where the data is considered confidential and should not be disseminated. The fundamental concept is that the data is overwritten in such a way that makes it impossible to retrieve it or reconstruct it. This is in contrast to when disk drives are deleted or initialized in a conventional manner, whereby data is not completely erased and can still be recovered with readily available software tools. This is because the delete function in most operating systems simply marks the space occupied by the file as reusable (removes the pointer to the file) but does not immediately remove the content data. Under this scenario, data can be fairly easily recovered however, if the space is overwritten with other data, there is no known way to recover the original data (e.g. your print jobs). When e-Shredding is enabled, print, copy, and scan jobs that are sent to a wide format system are completely erased upon completion so that data can not be recovered.

Types of E-shredding

Most wide format printing systems that offer e-Shredding functionality allow the administrator to select from a number of overwrite algorithms, with standards that vary by country. Common algorithms used in the U.S. include:

• Gutmann: All jobs on the system are erased in 35 overwrite passes. An overwrite session consists of a lead-in of four random write patterns, followed by 27 specific patterns executed in a random order, and a lead-out of four more random patterns.

• US Department of Defense (DoD) 5220.22-M: All jobs on the system are erased in 3 overwrite passes. This is generally regarded as the highest level and standard for sanitization to counter data remanence. It meets to U.S. Department of Defense requirements (DoD5220-22M) for erasure of disk media.

• Custom: The system adminstrator defines the number of passes manually.

E-Shredding functionality can be particularly useful in decentralized walk-up environments where many different users have unregulated access to the system. If data security is important to your enterprise, implementation of e-Shredding in a wide format workflow is an easy and user transparent measure to guard against data remanence.

Resource Center Home Security