we are running PCI scans on shared drives with a view to deleting lots of old files containing PAN. My question is around the quarantine/deletion mechanism - if we quarantine the files and then delete them from the quarantine, is it a secure deletion which renders the files completely unrecoverable? i.e. is it PCI compliant?
I can't seem to find any detailed documentation on how this works 'under the covers', any help appreciated!
I guess it depends on what tool (not SDLP) you will be using to delete the files.
Network Protect simply copies or quarantines the file. The tool isn't leveraged to do the actual deletion of the file.
Hope that helps.
Just a follow up, as mentioned there is no part of Symantec DLP that performs the actual deletion. It would depend on the 3rd party tool that is used to perform the deletion.
The deletion program could be call from the response rule via a FlexResponse
I'll look to use your suggestion of setting up a FlexResponse rule to perform the deletion. I'll contact our account manager to see which suitable tools are available.
So, if my understanding is correct, we could quarantine the files then when we get business approval to delete them we could simply re-run the scan with the FlexResponse rule to call the secure deletion tool active?
To clarify around quarantining, I have heard conflicting reports about what actually happens; does a 'quarantined' file actually get moved to the quarantine? I have also heard that a link is merely created and the original file is rendered inaccessible to the user, but doesn't move.
Thanks in anticipation!