IRS Wiping Standards: Contractor Security & Privacy Controls
The Internal Revenue Service (IRS) released Publication 4812: Contractor Security and Privacy Controls in 2013. The purpose of Publication 4812 is to identify security requirements for contractors and subcontractors who handle or manage IRS information. The publication identifies requirements established by the National Institute of Standards and Technology (NIST).
Publication 4812 is mandatory to follow for "IRS contractors and contractor personnel who possess or have access to Federal Information or information systems, or are responsible for handling or processing Federal Information or information systems pursuant to or in the course of performance of a contract, order, or agreement with the IRS."
Publication 4812 is split up into several sections, but here we will focus on chapter 21, Media Protection, which covers the IRS wiping standards that contractors must comply with.
IRS Publication 4812 & Full Disk Wiping Standards
Page 82 of the publication explains: "The most common way to clear data is to perform a disk wipe using a software tool that overwrites all sectors of the disk with positive and negative (0 and 1) values." If you are wiping Federal Tax Information (FTI) then 7 wiping passes are required, but otherwise 3 passes are acceptable.
Publication 4812 goes on to state the software tools approved for the accomplishment of the task: "Full-disk wipes shall be applied to workstations and laptops. Software tools that have been validated by the International Standards Organization (ISO) are:
- Windows - BCWipe Total WipeOut, Darik's Boot and Nuke (DBAN), and Parted Magic.
- MAC - BCWipe Total WipeOut.
- UNIX/Linux - BCWipe Total WipeOut, Darik's Boot and Nuke (DBAN), and Parted Magic."
Jetico's solution for securely wiping hard drives, BCWipe Total WipeOut, is the only tool on the list that has been validated for all 3 operating systems: Windows, MAC and UNIX/Linux.
Contact us to learn more about the solution, schedule a demo or request a price quote.
IRS Publication 4812 & Selective Wiping Standards
Page 82 of the publication states: "Partial data clearing can be appropriate for IRS data stored on file servers that also contain other customer information."
Publication 4812 goes on to list the software tools approved for the accomplishment of the task: "There are a variety of software tools that can be used to overwrite selected files and folders, thus retaining the data of other customers. Software tools that have been validated by the International Standards Organization (ISO) are:
- Windows - BCWipe, Erasure, Identity Finder, and Microsoft SDelete.
- MAC - BCWipe, and Secure Empty Trash.
- UNIX/Linux - BCWipe, and SRM."
Jetico's solution for securely wiping selective files and folders, BCWipe, is the only tool on the list that has been validated for all 3 operating systems: Windows, MAC and UNIX/Linux.
Contact us to learn more about the solution, schedule a demo or request a price quote.