Storage Media
Plain English Translation
ISO 27001 Annex A.7.10 requires organizations to strictly manage all storage media—such as hard drives, SSDs, USB flash drives, and backup tapes—throughout their entire lifecycle. This means establishing secure procedures for acquiring, handling, transporting, and ultimately disposing of these items in a way that matches the sensitivity of the data they hold, ensuring that information cannot be compromised, leaked, or recovered after disposal.
Technical Implementation
Required Actions (startup)
- Disable unauthorized USB mass storage access via endpoint management tools.
- Establish a basic media handling policy requiring full disk encryption for all laptops and external drives.
Required Actions (scaleup)
- Implement a formal storage media lifecycle management policy detailing acquisition, tracking, and sanitization procedures.
- Use NIST 800-88 guidelines to define how different types of media should be cleared, purged, or destroyed based on data sensitivity.
Required Actions (enterprise)
- Maintain a strict, auditable chain of custody for media disposal, requiring third-party vendors to provide a certificate of destruction.
- Automate data classification labeling to dictate how specific files can be moved to removable media via Data Loss Prevention (DLP) controls.
ISO 27001:2022 Annex A 7.10 is a physical security control that requires organizations to manage storage media throughout its entire life cycle—from acquisition and use to transportation and disposal—in accordance with the organization's data classification scheme and handling requirements.
A removable media policy should outline approved types of media, mandate encryption for any data written to portable devices, detail the tracking of physical assets, and specify authorized procedures for transport and secure data destruction. Tools like WatchDog Security's Policy Management can help maintain version control and track employee acknowledgements for audit readiness.
Media sanitization is the process of permanently removing data from storage. Under NIST 800-88, Clear relies on logical techniques to sanitize data in standard storage areas, Purge uses advanced physical or logical techniques for higher confidentiality, and Destroy renders the media physically unusable.
Because SSD wear-leveling remaps writes to spare blocks, simply overwriting data on SSDs is ineffective: the overwrite cannot be relied on to reach every physical block. To sanitize SSD drives securely, organizations should use a vendor-supported cryptographic erase (crypto erase) command, specialized software for block erasure, or physically shred the drives.
Standard file deletion or quick formatting is not secure disposal: it only removes the file system pointers, leaving the actual data recoverable with standard forensic tools. Secure disposal of hard drives and SSDs requires verifiable cryptographic erasure, multi-pass wiping, or physical destruction.
Organizations must maintain a chain of custody for media disposal and transport, which includes transit logs, courier sign-offs, asset tracking updates, and a signed certificate of destruction when media reaches the end of its life cycle. Tools like WatchDog Security's Asset Inventory and Compliance Center can help link media identifiers to these logs and store certificates of destruction as audit-ready evidence.
Media handling requirements follow the data classification scheme: highly classified data may be strictly forbidden on unencrypted USBs or optical media, while lower-tier public data may require fewer transport controls but still follows the standard storage media lifecycle management policy.
Degaussing uses a powerful magnetic field to destroy data on magnetic media like HDDs and tapes but does not work on SSDs. Shredding physically pulverizes the device. Crypto erase instantly sanitizes an encrypted drive by permanently destroying the encryption key, which is why it is the fastest of the three options for drives that have been encrypted throughout their use.
Before returning leased hardware, organizations must securely purge or crypto erase the internal drives so data is permanently inaccessible, adhering to the organization's internal media sanitization procedures and retaining a record of the wipe.
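As an added example (not part of this page and not WatchDog Security code), the following Python script encodes the sanitization rules described above as a small policy check: it classifies each method under the NIST 800-88 categories Clear, Purge and Destroy, refuses overwrite and degaussing for flash media, accepts crypto erase only when the drive was encrypted from first use, and raises the required category when the media leaves the organization's control (as with returned lease hardware). The classification labels, media type names and the mapping from classification to required category are constructed for the example and should be replaced by the organization's own scheme.

```python
"""NIST 800-88 sanitization policy check (added example, constructed rules)."""
from dataclasses import dataclass

# Constructed classification scale, ordered from least to most sensitive.
CLASSIFICATION_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}
CATEGORY_RANK = {"clear": 0, "purge": 1, "destroy": 2}

# Each method: its 800-88 category and the media it reliably sanitizes.
# Overwrite and degaussing are limited to magnetic media; flash media needs
# block erase, crypto erase or physical destruction.
METHODS = {
    "overwrite":    ("clear",   {"hdd", "tape"}),
    "degauss":      ("purge",   {"hdd", "tape"}),
    "block_erase":  ("purge",   {"ssd", "usb"}),
    "crypto_erase": ("purge",   {"hdd", "ssd", "usb"}),
    "shred":        ("destroy", {"hdd", "ssd", "usb", "tape", "optical"}),
}


@dataclass
class Media:
    asset_id: str
    media_type: str                    # hdd | ssd | usb | tape | optical
    classification: str
    encrypted_since_first_use: bool = False
    leaves_org_control: bool = True    # resold, returned to lessor, or sent to a vendor


def required_category(m: Media) -> str:
    """Constructed policy: public/internal media staying in-house may be
    cleared; confidential data or any media leaving the organization needs
    at least purge; restricted data leaving the organization is destroyed."""
    rank = CLASSIFICATION_RANK[m.classification]
    if rank >= CLASSIFICATION_RANK["restricted"] and m.leaves_org_control:
        return "destroy"
    if rank >= CLASSIFICATION_RANK["confidential"] or m.leaves_org_control:
        return "purge"
    return "clear"


def validate_method(m: Media, method: str) -> tuple:
    """Return (accepted, reason) for a proposed sanitization method."""
    if method not in METHODS:
        return False, f"unknown method {method!r}"
    category, valid_media = METHODS[method]
    if m.media_type not in valid_media:
        return False, f"{method} does not reliably sanitize {m.media_type}"
    if method == "crypto_erase" and not m.encrypted_since_first_use:
        # Key destruction only covers data that was written under that key.
        return False, "crypto erase only covers data written while encryption was active"
    need = required_category(m)
    if CATEGORY_RANK[category] < CATEGORY_RANK[need]:
        return False, f"{method} is {category}; policy requires {need}"
    return True, f"{method} ({category}) satisfies the {need} requirement"


def acceptable_methods(m: Media) -> list:
    """All methods the policy accepts for this asset, in METHODS order."""
    return [name for name in METHODS if validate_method(m, name)[0]]


if __name__ == "__main__":
    lease_return = Media("SSD-0107", "ssd", "confidential", encrypted_since_first_use=True)
    for name in METHODS:
        print(name, validate_method(lease_return, name))
    print("acceptable:", acceptable_methods(lease_return))
```

Running it for an encrypted SSD returned to a lessor reports overwrite and degaussing as unsuitable for the media and accepts block erase, crypto erase and shredding; for an unencrypted restricted HDD leaving the organization, only shredding passes.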
Auditors look for an active storage media lifecycle management policy, a documented data classification scheme, logs tracking media transport, and certificates of destruction as audit evidence that secure data destruction procedures were successfully executed. WatchDog Security's Compliance Center can centralize evidence, attach logs and certificates, and map them directly to Annex A.7.10 for faster audits.
Strong procedures still fail if media goes untracked or ownership is unclear. WatchDog Security's Asset Inventory can help maintain an auditable inventory, assign owners, track status from issuance to retirement, and tie handling requirements to the asset based on data classification.
Using third-party disposal vendors reduces risk, but auditors expect proof and vendor oversight. WatchDog Security's Vendor Risk Management can store vendor due diligence, track destruction requirements in contracts/SLAs, and attach certificates of destruction to each disposal event for quick retrieval.
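The chain of custody and vendor certificates described above can be kept tamper-evident without a dedicated product. As an added example (not part of this page and not WatchDog Security code), the Python script below keeps a hash-chained custody log: every event (issue, transit, receipt, sanitization, destruction) commits to the hash of the previous event, a vendor's certificate of destruction is attached by its SHA-256 digest rather than copied into the log, and `verify()` recomputes the chain so that a later edit or deletion of any event is detected. Asset ids, actor names, timestamps and certificate bytes are constructed.

```python
"""Hash-chained chain-of-custody log for media disposal (added example)."""
from __future__ import annotations
import hashlib
import json
from dataclasses import dataclass, field, asdict

GENESIS = "0" * 64  # previous-hash value for the first event


def _digest(payload: dict, prev_hash: str) -> str:
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()


@dataclass
class CustodyEvent:
    asset_id: str
    action: str        # issued | in_transit | received | sanitized | destroyed
    actor: str
    timestamp: str     # ISO 8601, supplied by the caller
    details: dict = field(default_factory=dict)
    prev_hash: str = GENESIS
    hash: str = ""


class CustodyLog:
    def __init__(self) -> None:
        self.events: list[CustodyEvent] = []

    def record(self, asset_id, action, actor, timestamp, **details) -> CustodyEvent:
        prev = self.events[-1].hash if self.events else GENESIS
        ev = CustodyEvent(asset_id, action, actor, timestamp, details, prev)
        payload = asdict(ev)
        del payload["hash"]            # the hash covers every other field
        ev.hash = _digest(payload, prev)
        self.events.append(ev)
        return ev

    def attach_certificate(self, asset_id, vendor, timestamp, cert_bytes: bytes) -> CustodyEvent:
        """Record a vendor certificate of destruction by digest; the file itself is stored elsewhere."""
        return self.record(asset_id, "destroyed", vendor, timestamp,
                           certificate_sha256=hashlib.sha256(cert_bytes).hexdigest())

    def verify(self) -> tuple:
        """Recompute every hash; return (ok, index of first bad event or -1)."""
        prev = GENESIS
        for i, ev in enumerate(self.events):
            payload = asdict(ev)
            del payload["hash"]
            if ev.prev_hash != prev or _digest(payload, prev) != ev.hash:
                return False, i
            prev = ev.hash
        return True, -1

    def history(self, asset_id) -> list:
        return [ev.action for ev in self.events if ev.asset_id == asset_id]

    def disposal_complete(self, asset_id) -> bool:
        """Audit check: sanitized, then destroyed with a certificate on file."""
        acts = self.history(asset_id)
        has_cert = any("certificate_sha256" in ev.details
                       for ev in self.events
                       if ev.asset_id == asset_id and ev.action == "destroyed")
        return "sanitized" in acts and acts[-1] == "destroyed" and has_cert


def build_demo_log() -> CustodyLog:
    """Constructed lifecycle of one HDD sent to a disposal vendor."""
    log = CustodyLog()
    log.record("HDD-0042", "issued", "it-ops", "2026-02-17T09:00:00Z", location="HQ")
    log.record("HDD-0042", "in_transit", "courier-x", "2026-02-18T08:30:00Z", tracking="TRK-EXAMPLE")
    log.record("HDD-0042", "received", "vendor-y", "2026-02-18T15:00:00Z")
    log.record("HDD-0042", "sanitized", "vendor-y", "2026-02-19T10:00:00Z", method="degauss")
    log.attach_certificate("HDD-0042", "vendor-y", "2026-02-19T11:00:00Z",
                           b"constructed certificate of destruction bytes")
    return log


if __name__ == "__main__":
    log = build_demo_log()
    print("chain ok:", log.verify(), "disposal complete:", log.disposal_complete("HDD-0042"))
    log.events[1].details["tracking"] = "TRK-ALTERED"   # simulate a later edit
    print("after tampering:", log.verify())
```

Because each event's hash commits to the previous hash, a reviewer who has recorded the last hash (for example in the asset inventory entry) can later confirm that no transit log or sign-off was altered or removed between sanitization and the certificate of destruction.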
| Version | Date | Author | Description |
|---|---|---|---|
| 1.0.0 | 2026-02-17 | GRC Team | Initial publication |