XTINCT is a tool for wiping data from DASD and Tape to ensure the original data is unrecoverable. The product provides users with various levels of protection to ensure compliance with all state and federal regulations.
Why is it necessary?
Years ago, disk or tape media was accessed by only a few people, password protected and considered reasonably safe. Even disaster recovery testing at offsite locations didn't raise much concern for the safety of corporate data. After testing, many would scratch the table of contents and walk away feeling corporate data was reasonably safe. Today, however, is a different story.
Terrorism, identity theft, off shoring, outsourcing, litigation, the Internet and the global economy have all highlighted the need for increased data protection. Governments have passed legislation to hold corporations responsible for securing private information under their care. Beyond government standards, industry regulations such as the Payment Card Industry Data Security Standard have further defined the rules, and corporations desiring to do business with them must be in compliance. Failure to comply with these standards for data protection can result in large business losses and severe penalties; so it is no longer simply a matter of due diligence to protect data under your control - it is a necessity.
XTINCT meets all the requirements of US Department of Defense 5220.22-M (Clearing and Sanitization Matrix for Clearing Magnetic Disk) by overwriting all addressable locations with a single character. XTINCT also meets the sanitization requirement by overwriting all addressable locations with a character, its complement, then a random character and verifying. For tapes, the DoD only considers degaussing or pulverizing the tape to be a valid erase. XTINCT meets the requirements of most users by overwriting the tape and use of the hi-speed data security erase patterns.
When is it necessary?
Are there any free products available to Clear or purge Data?
The short answer is NO. With utilities such as IEHPROGM, individual data sets or the entire VTOC can be scratched. However, that simply removes the pointer to each data set while leaving all the data on the disk. ICKDSF can perform a MINIMAL INIT to create a label and a new VTOC, but that leaves all the data on the disk as well. A MEDIAL INIT will re-write the Home Address and record zero but may still not render data unreadable. Consequently, it will not satisfy the standard for clearing or purging. These techniques also take a VERY long time.
Xtinct: DSF/E Device Support Facilities/Extended
In addition to providing a complete audit trail and comprehensive reports to satisfy regulators, XTINCT surpasses NIST guidelines for 'cleaning' and 'purging' data. Xtinct also satisfies all federal and international requirements including Sarbanes-Oxley, HIPAA, HSPD-12, Basel II, SOX, Gramm-Leach-Bliley and other data security and privacy laws.