We have one storage system (DDN/GPFS) that is required to be NIST-compliant, and we bought self-encrypting drives for it. The up-charge for SED drives has diminished significantly over the past few years so that might be easier than doing it in software and then having to verify/certify that the software is encrypting everything that it should be.
On Wed, Sep 29, 2021 at 09:58:58AM -0400, Paul Edmon via Beowulf wrote: > Occassionally we get DUA (Data Use Agreement) requests for sensitive data > that require data destruction (e.g. NIST 800-88). We've been struggling with > how to handle this in an era of distributed filesystems and disks. We were > curious how other people handle requests like this? What types of > filesystems to people generally use for this and how do people ensure > destruction? Do these types of DUA's preclude certain storage technologies > from consideration or are there creative ways to comply using more common > scalable filesystems? > > Thanks in advance for the info. > > -Paul Edmon- > > _______________________________________________ > Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing > To change your subscription (digest mode or unsubscribe) visit > https://beowulf.org/cgi-bin/mailman/listinfo/beowulf -- Skylar _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit https://beowulf.org/cgi-bin/mailman/listinfo/beowulf