Media Resource Protection: Media resource protection can be classified as media security controls that are used to monitor and block threats that compromise confidentiality, integrity and authenticity, and media viability controls, which are implemented to preserve the proper working condition of the media.
Media Security Controls: Media security controls are designed to prevent the violation or loss of sensitive information when the media is stored outside the system. This is achieved through logging the use of data media which offers accountability and assists in physical inventory control; physical access control is used to block unauthorized personnel from accessing the media; and sanitization of the media to prevent data residue and to maintain safe and proper disposal of the data media. Three methods can be used for media sanitization, namely overwriting, degaussing, and destruction.
In AC erasure, media is degaussed by applying an alternating field that is reduced in amplitude over time from an initial high value. In DC erasure, media is saturated by applying a unidirectional field. The physical destruction of paper reports, diskettes and optical media are required before disposal. These techniques can include shredding or burning documentation, breaking up CD-ROMS and diskettes, or eliminating them with acid. For best practices, paper reports should be destroyed by personnel with authorized levels of security clearance.