Why Zeroize? Let's dig in.
This eBook will help you understand the basic concepts of zeroization, why it is necessary, and when to use it for improved cybersecurity.
|
UPDATE - June 2020
FIPS 140-3 enhances the requirements of secure data destruction (known as zeroisation) in some important ways. AEGISOLVE has prepared an Addendum to our eBook in this regard for your reading pleasure.
|
Zeroization is Required for FIPS 140-2.
This requirement is necessary to ensure that module secrets do not fall into the hands of the wrong people during various phases of a module’s lifetime, e.g., emergency situations such as an eminent take-over by enemy forces, module repurposing, or simply the end-of-life of the cryptographic module. Additionally, zeroization is relevant to all cryptographic modules, at all four security levels (1-4) of the FIPS 140-2.
But what level of zeroization is required for your needs? This guide will walk you through the 4 levels and help you understand the intent and practices behind quality zeroization.
What you’ll learn by reading this eBook:
- A technical and practical definition of zeroization
- When and why to use zeroization
- Physical requirements for zeroization
- The various levels of zeroization according to FIPS 140-2 standards
- Media Sanitation as Specified in NIST SP 800-88r1
- The impact of FIPS 140-3 on zeroization (now zeroisation)
