MP-6(8): Remote Purging or Wiping of Information

Control Family:

Media Protection

CSF v1.1 References:

Threats Addressed:

Baselines:

(Not part of any baseline)

Previous Version:

Control Statement

Provide the capability to purge or wipe information from [Assignment: organization-defined systems or system components] [Assignment: remotely, under the following conditions: [Assignment: organization-defined conditions] ].

Supplemental Guidance

Remote purging or wiping of information protects information on organizational systems and system components if systems or components are obtained by unauthorized individuals. Remote purge or wipe commands require strong authentication to help mitigate the risk of unauthorized individuals purging or wiping the system, component, or device. The purge or wipe function can be implemented in a variety of ways, including by overwriting data or information multiple times or by destroying the key necessary to decrypt encrypted data.