AC-4(25): Data Sanitization

Control Family:

Access Control

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Info icon.

Control is new to this version of the control set.

Control Statement

When transferring information between different security domains, sanitize data to minimize [Assignment (one or more): delivery of malicious content, command and control of malicious code, malicious code augmentation, and steganography encoded data, spillage of sensitive information] in accordance with [Assignment: organization-defined policy]].

Supplemental Guidance

Data sanitization is the process of irreversibly removing or destroying data stored on a memory device (e.g., hard drives, flash memory/solid state drives, mobile devices, CDs, and DVDs) or in hard copy form.