To provide SharePoint Administrators a deletion tool that will ensure that data that needs to be properly disposed has available deletion algorithms with varying levels of passage ensuring compliance with certain business regulations and overall corporate security. The SharePoint Scrubber plays an intrinsic role in a SharePoint Backup / DRP (Disaster Recovery Policy), scrubbing files that are taken off site for backup.
- SharePoint Administrators
- Systems Administrators
- Server Custodians
- Disaster Recovery Analyst / Operators
Often times, there is sensitive data that is stored on your SharePoint machines. This data can be stored at several levels in several formats, the most critical of which to delete when necessary is various backup packages, such as site template packages (.stp’s), manifest and dump files (from the SharePoint backup utility), or SQL backups. Data that is stored, however later deleted, is subject to Data Reminisce, which is certain fragments of data still existing, and recoverable by using utilities or skillful shell programming.
For proper disaster recovery and security measures, these files should be backed up and stored offsite (see the SharePoint Disaster Recovery Policy), and immediately removed and scrubbed from the machine. Most often, these are simplifying deleted using standard deletion techniques, which more often than not will just remove references to files or other deletion methods that still allow data retrieval by an interested party.
Wiping the data can leverage a variety of algorithms, the four that are currently supported by the SharePoint Scrubber are
Currently supported Algorithms (along with passing specifications)
- B. Schneiers / (typically will scrub with 7 data passes)
- Fill Zeros / (typically will scrub data with 1 pass)
- NAVSOP5239-26 (typically will scrub with 3 data passes)
- Peter Gutmann (typically will scrub with 35 data passes, read original research here)
If you want to use a method that is not listed here, please contact me and I will typically write it up and send you an addition to the methods binding.
The first screen that you will introduce to when starting the scrubber is the individual file and folder scrubbing screen, where you can select individual files and folders that will be erased according to your algorithm preferences set in the “Algorithm Preferences” menu.
Once the screen is up, you can add either or files or folders.
Once you select a file that you want to securely delete, it will appear in the queue for files and folders that will be deleted.
If you have items that are in your recycle bin that you want to scrub with a deletion algorithm, you can simply go to the tab labeled “Scrub Recycle Bin” and it will list all of the items that are located in your recycle bin. You can choose to delete some or all of the items.
If you want, you can apply a segregated deletion algorithm if you desired more data passes on your items by selecting it out of the algorithms button /menu.
If you have heavy activity on your server (example: since SharePoint is typically a production developed product, so besides playing the role of a web server, your SharePoint environment is using the SharePoint Scrubber on machines with VS.NET, PS, FP, or other tools), you can view and scrub the MRU’s (Most Recently Used Objects) on the server to cloak activities on the box.
This will only list the default MRU’s that typically exist (at least, from my perspective), on a SharePoint server. If you want you can choose to query the registry for other MRU’s or add a key that you know exists. If your registery query grows out of control, you can halt the process, and pick it up piece by piece.
The above shows some activity that wouldn’t be listed with common MRU’s. Programs that I have been using such as Flash 8 and Crystal Xcelsius for a current project are not typical for every SharePoint server.
Following, you can add a key that you know exists to add it to the scrubbing queue.
On the last screen, you can begin to select preferences in regards to algorithms that you want to apply as a deletion technique. There are currently only four written, however I am open to creating more if you email me at <removed>.
You can apply different algorithms to different deletion types, on either files or folders, which will inherit from the first form for individual file and folder deletion. All of the settings you create are stored within the programs local .ini file. You can expand the description if you want by using the arbitrary algorithm’s appropriate .ini file.