Muutke küpsiste eelistusi

Net Zeros and Ones: How Data Erasure Promotes Sustainability, Privacy, and Security [Pehme köide]

3.67/5 (6 hinnangut Goodreads-ist)
, ,
  • Formaat: Paperback / softback, 192 pages, kõrgus x laius x paksus: 234x183x13 mm, kaal: 295 g
  • Sari: Wiley Tax Library
  • Ilmumisaeg: 15-Dec-2022
  • Kirjastus: John Wiley & Sons Inc
  • ISBN-10: 1119866162
  • ISBN-13: 9781119866169
Teised raamatud teemal:
  • Pehme köide
  • Hind: 37,24 €*
  • * saadame teile pakkumise kasutatud raamatule, mille hind võib erineda kodulehel olevast hinnast
  • See raamat on trükist otsas, kuid me saadame teile pakkumise kasutatud raamatule.
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Lisa soovinimekirja
Net Zeros and Ones: How Data Erasure Promotes Sustainability, Privacy, and SecuritySuurem pilt
  • Formaat: Paperback / softback, 192 pages, kõrgus x laius x paksus: 234x183x13 mm, kaal: 295 g
  • Sari: Wiley Tax Library
  • Ilmumisaeg: 15-Dec-2022
  • Kirjastus: John Wiley & Sons Inc
  • ISBN-10: 1119866162
  • ISBN-13: 9781119866169
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781119866169.html
Märksõnad:
Design, implement, and integrate a complete data sanitization program

In Net Zeros and Ones: How Data Erasure Promotes Sustainability, Privacy, and Security, a well-rounded team of accomplished industry veterans delivers a comprehensive guide to managing permanent and sustainable data erasure while complying with regulatory, legal, and industry requirements. In the book, youll discover the why, how, and when of data sanitization, including why it is a crucial component in achieving circularity within IT operations. You will also learn about future-proofing yourself against security breaches and data leaks involving your most sensitive informationall while being served entertaining industry anecdotes and commentary from leading industry personalities.

The authors also discuss:

Several new standards on data erasure, including the soon-to-be published standards by the IEEE and ISO

How data sanitization strengthens a sustainability or Environmental, Social, and Governance (ESG) program

How to adhere to data retention policies, litigation holds, and regulatory frameworks that require certain data to be retained for specific timeframes

An ideal resource for ESG, data protection, and privacy professionals, Net Zeros and Ones will also earn a place in the libraries of application developers and IT asset managers seeking a one-stop explanation of how data erasure fits into their data and asset management programs.
Foreword xv
Introduction xix
Chapter 1 End of Life for Data
1(14)
1.1 Growth of Data
3(1)
1.2 Managing Data
4(2)
1.2.1 Discovery
4(1)
1.2.2 Classification
5(1)
1.2.3 Risk
6(1)
1.3 Data Loss
6(3)
1.3.1 Accidental
7(1)
1.3.2 Theft
7(2)
1.3.3 Dumpster Diving
9(1)
1.4 Encryption
9(1)
1.5 Data Discovery
9(1)
1.6 Regulations
10(1)
1.7 Security
10(1)
1.8 Legal Discovery
11(1)
1.9 Data Sanitization
12(1)
1.10 Ecological and Economic Considerations
13(1)
1.10.1 Ecological
13(1)
1.10.2 Economic
13(1)
1.11 Summary: Proactive Risk Reduction and Reactive End of Life
14(1)
Chapter 2 Where Are We, and How Did We Get Here?
15(8)
2.1 Digital Data Storage
16(1)
2.2 Erasing Magnetic Media
17(1)
2.3 History of Data Erasure
17(4)
2.3.1 The Beginnings of Commercial Data Erasure
19(1)
2.3.2 Darik's Boot and Nuke (DBAN)
19(2)
2.4 Summary
21(2)
Chapter 3 Data Sanitization Technology
23(10)
3.1 Shredding
24(1)
3.2 Degaussing
24(1)
3.3 Overwriting
25(2)
3.4 Crypto-Erase
27(1)
3.5 Erasing Solid-State Drives
28(1)
3.6 Bad Blocks
29(1)
3.7 Data Forensics
29(2)
3.8 Summary
31(2)
Chapter 4 Information Lifecycle Management
33(8)
4.1 Information Lifecycle Management vs. Data Lifecycle Management
33(1)
4.2 Information Lifecycle Management
34(1)
4.2.1 Lifecycle Stages
34(1)
4.3 Data Security Lifecycle
35(1)
4.3.1 Stages for Data Security Lifecycle
36(1)
4.4 Data Hygiene
36(1)
4.5 Data Sanitization
37(2)
4.5.1 Physical Destruction
37(1)
4.5.2 Cryptographic Erasure
37(1)
4.5.3 Data Erasure
38(1)
4.6 Summary
39(2)
Chapter 5 Regulatory Requirements
41(26)
5.1 Frameworks
42(1)
5.1.1 NIST Cybersecurity Framework Applied to Data
42(1)
5.2 Regulations
43(19)
5.2.1 GDPR
44(1)
5.2.1.1 The Right to Erasure
45(6)
5.2.1.2 Data Retention
51(2)
5.2.2 FflPAA Security Rule Subpart C
53(3)
5.2.3 PCI DSSV3.2 Payment Card Industry Requirements
56(2)
5.2.4 Sarbanes-Oxley
58(1)
5.2.5 Saudi Arabian Monetary Authority Payment Services Regulations
59(1)
5.2.6 New York State Cybersecurity Requirements of Financial Services Companies 23 NYCRR 500
59(1)
5.2.7 Philippines Data Privacy Act 2012
60(1)
5.2.8 Singapore Personal Data Protection Act 2012
61(1)
5.2.9 Gramm-Leach-Bliley Act
61(1)
5.3 Standards
62(3)
5.3.1 ISO 27000 and Family
62(1)
5.3.2 NISTSP 800-88
63(2)
5.4 Summary
65(2)
Chapter 6 New Standards
67(6)
6.1 IEEE P2883 Draft Standard for Sanitizing Storage
68(2)
6.1.1 Data Sanitization
68(1)
6.1.2 Storage Sanitization
68(1)
6.1.3 Media Sanitization
68(1)
6.1.4 Clear
69(1)
6.1.5 Purge
69(1)
6.1.6 Destruct
69(1)
6.2 Updated ISO/IEC CD 27040 Information Technology Security Techniques---Storage Security
70(1)
6.3 Summary
71(2)
Chapter 7 Asset Lifecycle Management
73(14)
7.1 Data Sanitization Program
73(1)
7.2 Laptops and Desktops
74(2)
7.3 Servers and Network Gear
76(3)
7.3.1 Edge Computing
78(1)
7.4 Mobile Devices
79(3)
7.4.1 Crypto-Erase
80(1)
7.4.2 Mobile Phone Processing
80(1)
7.4.3 Enterprise Data Erasure for Mobile Devices
81(1)
7.4.3.1 Bring Your Own Device
81(1)
7.4.3.2 Corporate-Issued Devices
81(1)
7.5 Internet of Things: Unconventional Computing Devices
82(1)
7.5.1 Printers and Scanners
82(1)
7.5.2 Landline Phones
82(1)
7.5.3 Industrial Control Systems
82(1)
7.5.4 HVAC Controls
83(1)
7.5.5 Medical Devices
83(1)
7.6 Automobiles
83(3)
7.6.1 Off-Lease Vehicles
84(1)
7.6.2 Used Vehicle Market
85(1)
7.6.3 Sanitization of Automobiles
85(1)
7.7 Summary
86(1)
Chapter 8 Asset Disposition
87(10)
8.1 Contracting and Managing Your ITAD
88(1)
8.2 LTAD Operations
89(2)
8.3 Sustainability and Green Tech
91(1)
8.4 Contribution from R2
91(1)
8.4.1 Tracking Throughput
91(1)
8.4.2 Data Security
92(1)
8.5 e-Stewards Standard for Responsible Recycling and Reuse of Electronic Equipment
92(1)
8.6 i-SIGMA
93(1)
8.7 FACTA
93(2)
8.8 Summary
95(2)
Chapter 9 Stories from the Field
97(12)
9.1 3stepIT
98(3)
9.2 TES--IT Lifecycle Solutions
101(3)
9.2.1 Scale of Operations
103(1)
9.2.2 Compliance
104(1)
9.2.3 Conclusion
104(1)
9.3 Ingram Micro
104(2)
9.4 Summary
106(3)
Chapter 10 Data Center Operations
109(4)
10.1 Return Material Allowances
110(1)
10.2 NAS
110(1)
10.3 Logical Drives
110(1)
10.4 Rack-Mounted Hard Drives
111(1)
10.5 Summary
112(1)
Chapter 11 Sanitizing Files
113(4)
11.1 Avoid Confusion with CDR
113(1)
11.2 Erasing Files
114(1)
11.3 When to Sanitize Files
115(1)
11.4 Sanitizing Files
116(1)
11.5 Summary
116(1)
Chapter 12 Cloud Data Sanitization
117(6)
12.1 User Responsibility vs. Cloud Provider Responsibility
117(2)
12.2 Attacks Against Cloud Data
119(1)
12.3 Cloud Encryption
119(1)
12.4 Data Sanitization for the Cloud
120(1)
12.5 Summary
121(2)
Chapter 13 Data Sanitization and Information Lifecycle Management
123(4)
13.1 The Data Sanitization Team
124(1)
13.2 Identifying Data
124(1)
13.3 Data Sanitization Policy
124(2)
13.3.1 Deploy Technology
125(1)
13.3.2 Working with DevOps
125(1)
13.3.3 Working with Data Security
125(1)
13.3.4 Working with the Legal Team
125(1)
13.3.5 Changes
126(1)
13.4 Summary
126(1)
Chapter 14 How Not to Destroy Data
127(4)
14.1 Drilling
127(1)
14.1.1 Nail Gun
128(1)
14.1.2 Gun
128(1)
14.2 Acids and Other Solvents
128(1)
14.3 Heating
128(1)
14.4 Incineration
129(1)
14.5 Street Rollers
129(1)
14.6 Ice Shaving Machines
129(2)
Chapter 15 The Future of Data Sanitization
131(8)
15.1 Advances in Solid-State Drives
132(1)
15.2 Shingled Magnetic Recording
133(1)
15.3 Thermally Assisted Magnetic Recording, Also Known as Heat-Assisted Magnetic Recording
133(1)
15.4 Microwave-Assisted Magnetic Recording
134(1)
15.5 DNA Data Storage
135(1)
15.6 Holographic Storage
135(1)
15.7 Quantum Storage
136(1)
15.8 NVDIMM
137(1)
15.9 Summary
138(1)
Chapter 16 Conclusion
139(4)
Appendix Enterprise Data Sanitization Policy
143(16)
Introduction
143(1)
Intended Audience
143(1)
Purpose of Policy
144(1)
General Data Hygiene and Data Retention
144(1)
Data Spillage
144(1)
Handling Files Classified as Confidential
144(1)
Data Migration
144(1)
End of Life for Classified Virtual Machines
145(1)
On Customer's Demand
145(1)
Seven Steps to Creating a Data Sanitization Process
145(2)
Step 1 Prioritize and Scope
146(1)
Step 2 Orient
146(1)
Step 3 Create a Current Profile
146(1)
Step 4 Conduct a Risk Assessment
147(1)
Step 5 Create a Target Profile
147(1)
Step 6 Determine, Analyze, and Prioritize Gaps
147(1)
Step 7 Implement Action Plan
147(1)
Data Sanitization Defined
147(1)
Physical Destruction
148(1)
Degaussing
148(1)
Pros and Cons of Physical Destruction
148(1)
Cryptographic Erasure (Crypto-Erase)
148(1)
Pros and Cons of Cryptographic Erasure
149(1)
Data Erasure
149(1)
Pros and Cons of Data Erasure
150(1)
Equipment Details
150(1)
Asset Lifecycle Procedures
151(1)
Suggested Process, In Short
152(1)
Create Contract Language for Third Parties
152(1)
Data Erasure Procedures
152(1)
Responsibility
152(1)
Validation of Data Erasure Software and Equipment
153(1)
Personal Computers
153(1)
Servers and Server Storage Systems
154(1)
Photocopiers, Network Printers, and Fax Machines
154(1)
Mobile Phones, Smartphones, and Tablets
154(1)
Point-of-Sale Equipment
155(1)
Virtual Machines
155(1)
Removable Solid-State Memory Devices (USB Flash Drives, SD Cards)
155(1)
CDs, DVDs, and Optical Discs
155(1)
Backup Tape
155(1)
General Requirements for Full Implementation
155(1)
Procedure for Partners and Suppliers
155(1)
Audit Trail Requirement
156(1)
Policy Ownership
156(1)
Mandatory Revisions
156(1)
Roles and Responsibilities
157(1)
CEO
157(1)
Board of Directors
157(2)
Index 159
RICHARD STIENNON is a renowned cybersecurity industry analyst. He has held executive roles with Gartner, Webroot Software, Fortinet, and Blancco Technology Group. He was a member of the Technical Advisory Committee of the Responsible Recycling standard.

RUSS B. ERNST has over twenty years experience in product strategy and management and is frequently sought for comment on issues related to data security in the circular economy. As Chief Technology Officer at Blancco Technology Group, he is responsible for defining, driving and executing the product strategy across the entire Blancco data erasure and device diagnostics product suite.

FREDRIK FORSLUND has over 20 years experience in the data sanitization industry. He is the Director of the International Data Sanitization Consortium (IDSC) and is a sought-after speaker on topics related to IT security and data protection.