We're performing an upgrade of our Mark VIe controllers, and as part of our NERC CIP requirements we have to clear out the controller media before the controllers can leave the site.
The requirement states that I need to "destroy or erase the data storage media to prevent unauthorized retrieval of sensitive cyber security or reliability data".
My plan is to remove the Flash card from each controller, place into a Flash reader, and reformat the entire card as a different file system (FAT32). Then, I intend to write a large file (basically random numbers) to the card to completely fill it up. After this, I'll delete the file, remove the card, and most likely toss it in the trash. I've heard some horror stories about re-using Flash cards, so it's unlikely that I will re-purpose them, unless it's in a test lab of some sort.
My question is this: Are there any other places on the GE controller that I need to be concerned with sensitive data hiding besides the Flash card?
P.S. I may also take out some frustration on the cards with a hammer. Haven't decided yet.
Mike Toecker
The requirement states that I need to "destroy or erase the data storage media to prevent unauthorized retrieval of sensitive cyber security or reliability data".
My plan is to remove the Flash card from each controller, place into a Flash reader, and reformat the entire card as a different file system (FAT32). Then, I intend to write a large file (basically random numbers) to the card to completely fill it up. After this, I'll delete the file, remove the card, and most likely toss it in the trash. I've heard some horror stories about re-using Flash cards, so it's unlikely that I will re-purpose them, unless it's in a test lab of some sort.
My question is this: Are there any other places on the GE controller that I need to be concerned with sensitive data hiding besides the Flash card?
P.S. I may also take out some frustration on the cards with a hammer. Haven't decided yet.
Mike Toecker