How Blancco Helps Organizations Achieve Compliance with NIST SP 800-88

What is NIST SP 800-88?

Publications in NIST’s Special Publication (SP) 800 series are targeted at providing “guidelines, recommendations, technical specifications and annual reports of NIST’s cybersecurity activities.”

Published by the United States National Institute of Standards and Technology (NIST), these publications are designed to support the needs of U.S. federal government institutions, though they have been referenced by organizations in many different industries and regions around the world. NIST SP 800-88, specifically, was created by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA) to outline information security standards and guidelines around media sanitization.

Updated in 2014 to NIST SP 800-88 Rev. 1, the publication is also used internationally and by nongovernmental organizations.

Blancco helps organizations across a wide range of industries comply with NIST SP 800-88, Rev 1. See the following chart for some examples of specific areas of the document and how Blancco can help address them.

Clear, Purge, and Destroy are actions that can be taken to sanitize media. The categories of sanitization are defined as follows:

Clear applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple non-invasive data recovery techniques; typically applied through the standard Read and Write commands to the storage device, such as by rewriting with a new value or using a menu option to reset the device to the factory state (where rewriting is not supported).

Purge applies physical or logical techniques that render Target Data recovery infeasible using state of the art laboratory techniques.

Destroy renders Target Data recovery infeasible using state of the art laboratory techniques and results in the subsequent inability to use the media for storage of data.

It is suggested that the user of this guide categorize the information, assess the nature of the medium on which it is recorded, assess the risk to confidentiality, and determine the future plans for the media. Then, the organization can choose the appropriate type(s) of sanitization. The selected type(s) should be assessed as to cost, environmental impact, etc., and a decision should be made that best mitigates the risk to confidentiality and best satisfies other constraints imposed on the process.
Blancco supports both NIST Clear and NIST Purge methods of data sanitization through its software-based data erasure solutions.

Blancco Drive Eraser achieves both Purge-level and Clear-level sanitization on SSDs, including NVMes, and on HDDs in SANs, servers, laptops, and desktops.

Additionally, Blancco LUN Eraser meets NIST Clear requirements for data sanitization of logical unit drives.

Macs with T2 chips and Chromebooks can also be erased to NIST specifications.
Every Blancco erasure is verified and certified by an audit-ready, tamper-proof certificate of erasure.

Additionally, Blancco software-based erasure enables improved operational efficiency, reduces handling costs, and increases control of the data sanitization process.
(Referring to Cryptographic Erase):
“Due to the difficulty in reliably ensuring that partial sanitization effectively addresses all sensitive data, sanitization of the whole device is preferred to partial sanitization whenever possible.”
Blancco Drive Eraser targets every portion of the drive during erasure, including remapped sectors and hidden areas. In both magnetic and solid-state drives, Blancco Drive Eraser offers overprovisioning to handle wear leveling. This guarantees 100-percent data sanitization and is backed by a tamper-proof report.
“Purge (and Clear, where applicable) may be more appropriate than Destroy when factoring in environmental concerns, the desire to reuse the media (either within the organization or by selling or donating the media), the cost of a media or media device, or difficulties in physically Destroying some types of media.”Blancco data erasure solutions permanently remove data from a wide range of end-of-life devices so that they can be safely reused, reassigned, or sold into the secondhand market. This is good for the environment and encourages cost savings. It’s also an established best practice, with hundreds of millions of IT assets currently being securely redeployed across the globe.

Download the solution brief above to view the entire list of examples and how Blancco can help address them.

Originally published May 2019, updated September 2022

To experience how Blancco data sanitization software delivers NIST SP 800-88 compliance for your IT assets, take advantage of a free trial that’s customized for you.