IMO, more than 1 pass is likely overkill. However, from an auditing standpoint, 
there are NSA guidelines about how many passes and the bit patterns necessary 
to make the data truly unrecoverable. Using advanced technology (like Abby on 
NCIS uses<grin>), it is possible to read "ghost" images of previous bit 
patterns "underneath" the "live" data on the disk. That is because changing the 
data does not change 100% of all the underlying ferro-magnetic material.

But, again, this requires specialized equipment. However, such equipment is out 
there in the commercial world for doing disaster recovery of damaged media. So, 
it would be theoretically possible to sell a DASD array to another company 
which would then contract to one of these recovery specialists to recover the 
data. What likelihood is that? Minimal. It is more likely to be done on PC type 
DASD on a stolen laptop or some such. And, in that case, the solution is to use 
full DASD encryption. That is what we do on all the company laptops. That 
pretty much guarantees security.

John McKown
Systems Engineer IV
IT

Administrative Services Group

HealthMarkets(r)


________________________________
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On Behalf 
Of Scott Rohling
Sent: Thursday, October 08, 2009 8:29 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: zVM 'disk wiping'

Working with a customer running Linux on zSeries under zVM...  discussing clean 
up of disk areas when a Linux server is removed.   The 'norm' according to the 
customer is to use anywhere from 3 to 35 'passes' to erase data, depending on 
sensitivity.   I'm wondering if anyone can provide input about how this relates 
to various cleanup available...   I'm confused on a couple of fronts:

-  I'm probably not understanding -- but writing 1's or 0's more than once to a 
disk area seems, well, silly.   Do 'passes' imply that each pass is covering 
more 'area' or something?   Whenever I do things like 0 a disk using the dd 
command -- I assume the entire disk is being written to and any subsequent dd 
commands are unnecessary and redundant.

- If we do a DIRM PURGE user CLEAN --  is that sufficient to meet any DoD 
rules, etc concerning securely wiping data?    Same for CPFMTXA FORMAT and any 
other utilities used from zVM to 'clean' DASD...   does anyone actually run 
these more than once?

I'm sure I'm not understanding the context of 'passes' and just want to be able 
to talk as intelligently as I can about how their concept of passes relates to how 
mainframe DASD is dealt with - especially at the zVM level.  This is always 
where I come to hear several points of view and get useful insight -- so any 
input would be most welcome!

Scott

p.s.  Considered posting this in Linux-390 .. but it's really more of a zVM 
thing to me - especially since I plan to use DIRMAINT CLEAN functions to remove 
Linux servers from zVM.
