marklar23 Absent Member.

Purge Compliance and Scheduling

One of the departments where I work deals with fingerprint records and we recently had an audit from the FBI to see how we handled the processing and destruction of those files on the network...which left a little to be desired as we weren't sure on some compliance questions.

My understanding is that (usually) when a file is deleted it is still recoverable until Purge is run. We run Purge manually several times a year. Is Purge compliant with any data sanitization methods? For example, we have a program that uses DoD 5220.22-M on our workstations, which, as I understand it, sweeps the files 3 times to ensure destruction. What exactly happens when Purge is run?

Our main concern is that it is not like Windows, where with the right tools you can find and access the files that you thought were deleted, and that when something is purged from NSS it is gone from the system. This information will also help me to determine the priority of which of our systems need to be migrated to SLES, for which my file server isn't currently scheduled until 2 years out.

Finally, I'm looking for a way to schedule purge to run at a regular interval on the department's drive. Is there a way to schedule purges to run on specific folders within a volume or, if I have to, on the volume itself on a regular basis?

Thanks for any information!
ataubman Absent Member.

Re: Purge Compliance and Scheduling

Purge is not the same as a data scrub; the files would still be recoverable by a determined attacker. Portlock, for instance, can do data recovery from a purged NSS volume. What you want to do is turn on Data Shredding for the volumes used to store this data. From the documentation:

> The Data Shredding feature overwrites purged disk blocks with random patterns of hexadecimal characters. This prevents unauthorized users from using a disk editor to access purged files. You can place up to seven data shred patterns over deleted data.


Do you ever want to salvage those files after deleting but before purge? If not, you can apply the P (Purge Immediate) flag to the volume.

Andrew C Taubman (Sorry, support is not provided via e-mail) Opinions expressed above are not necessarily those of Micro Focus.
marklar23 Absent Member.

Re: Purge Compliance and Scheduling

Thank you, that is exactly the info I was looking for!
hspeirs Absent Member.

Re: Purge Compliance and Scheduling

marklar23,
>
> Thank you, that is exactly the info I was looking for!


In addition to Andrew's information, if you're looking for scheduled
Purges you may want to look at my AutoPurge utility.

http://postie.caledonia.net/store/index.php?route=product/product&path=42&product_id=61

H.