ACSI - 33
Australian Government Information and Communications Technology Security Manual
The Australian Government Information and Communications Technology Security Manual (also known as ACSI 33) has been developed by the Defence Signals Directorate (DSD) to provide policies and guidance to Australian Government agencies on how to protect their ICT systems.
Australian Government agencies are required by the Protective Security Manual (PSM) to comply with ACSI 33. Agencies must consider the security implications of their IT systems and devise policy and plans to ensure the systems are appropriately protected. Although security needs will be greatest when national security classified or non-national security classified information is being processed, even unclassified systems with no special safety, mission critical, or financial implications should have some degree of protection if a reliable or accurate service is to be maintained.
The manual is released annually, generally in September. Last update was September 2007.
This manual can be downloaded from DSD directly
Compliance and Certifications
The requirement for agencies to comply with the manual has been incorporated into the manual.
The table above was extracted from the latest ACSI 33 Manual for ilustration purposes only. Complete manual can be downloaded by clicking on the image. Download is directly from Defence Signals Directorate website.
ATA Secure Erase Command
It became effective September 2007 the use of ATA Secure erase Command for hard drive sanitisation. ATA Secure Erase command is part of the hard drive specifications for ATA/IDE/PATA ,SATA and SCSI drives, although SCSI, SAS and Fibre Channel drive specifications classify the Secure Erase Implementation as "optional". To date it is unknown if any SCSI, SAS or Fibre Channel drive to support the Secure Erase technology. All ATA/IDE/PATA and SATA drives, except older drives (before 2001 or under 15G), have the Secure Erase command implemented and can be accessed with specialised equipment, listed on the products page.
SCSI, SAS and Fibre Channel drives can be erased using other specialized products as well, developed to perform software overwrite routines in order to sanitise drives. Although regular software overwrite provides a lower level of security, it is to date the only solution available to sanitise these type of hard drives.
Available ATA Secure Erase Products
The release of the first hard drive sanitisation product that could safely run the ATA Secure Erase command in the hard drives only happened in late 2006. The EDT Digital Shredder ™ was the pionneer in providing organisations access to this so important hard drive feature. Following the EDT Digital Shredder ™, in March 2007, CPR Tools released a small device called The Hammer™ able to run the Secure Erase command. Both products provide support to ATA/IDE and SATA drives. A third and a fourth product were recent released by another manufacturer also providing support for Secure Erase.
Consulvest is the distributor for all available ATA Secure Erase products in Australia and New Zealand.
HDD Secure Erase Sanitisation Services
Consulvest also offers Secure Erase Sanitisation Services to organisations, please check the Services page for further details.
Some information on this page have been extracted from DSD website: http://www.dsd.gov.au/library/infosec/acsi33.html