Secure Data Destruction

Secure Data Destruction

Computer Disposals Ltd (CDL) offer cost-effective and secure data destruction services for all data-bearing equipment and devices.

One of the greatest concerns faced by our customers when disposing of their redundant IT equipment is the removal and destruction of personal and/or sensitive data contained within them.

As identity fraud attacks become more widespread and more sophisticated, it is imperative that businesses and organisations ensure that secure data destruction processes are in place prior to the disposal and recycling of computers, laptops and other obsolete IT equipment.

Failure to do so has obvious ramifications, not only to the public sector, but also to the company itself. There are several high profile organisations who have been prosecuted and heavily fined under the recently updated 1998 Data Protection Act for failing to ensure that secure data destruction had taken place prior to disposing of computer hard drives and other data-bearing equipment.

CDL provide secure data destruction services, either in-house, or onsite at your premises if you wish to witness the process. All processes are fully compliant with the WEEE Directive and full documentation is provided.

How does CDL perform secure data destruction?

The only way to permanently destroy data, without physically destroying the hard disk, is by multiple overwriting of the data by generating and recording random characters across the entire surface of the drive, resulting in complete data destruction and resetting of file sizes to zero.

There are a number of overwriting standards which people refer to, however the current recognized UK standard is HMG IS 5 Enhanced, although there are many global equivalents, which can confuse the issue.

CDL uses White Canyon Wipe Drive 8.1 overwriting software, which is the only overwriting software in the world to be certified to NIAP Common Criteria EAL 4+ and is the only software approved by the likes of Interpol, Homeland Security, IBM, Microsoft and Cisco.

White Canyons Wipe Drive 8.1 is also CPA approved in the UK under the NCSC. The CPA standard has now replaced the CESG standard.

By conforming to CPA and NIAP certification White Canyon meets many global standards to include:

  • GB Infosec Enhanced Standard 5
  • NIAP EAL 4+
  • US DoD 5220.22-M
  • NATO NAPC
  • NST 800-88 Rev 1 Compliant
  • FACTA Standards
  • Sarbanes-Oxley
  • US Army AR380-19
  • US Air Force System Security Instruction 5020
  • US Naval Staff Office Publication P-5329-26
  • US National Computer Security Centre TG-025
  • Australian Defence Signals ACSI-33 (X1-P-PD)
  • Canadian RCMP TSSIT OPS-II Standard Wipe
  • German VSITR
  • CSEC ITSG-06
  • HIPAA

As of February 2017 White Canyon Wipedrive version 8.1 is currently awaiting final approval under CESG and is expected to pass in February.

How does the process apply to solid state disk drives?

Effectively erasing data from storage devices is a critical function of data security management.

While the approach for erasing hard drives is widely understood, solid state disks (SSD) require different techniques to achieve sufficient data security.

Because Solid State Disk (SSD) storage technology is inherently unique in the way data is stored, the assumption that the erasure techniques that work for traditional hard drives will also work for SSDs is problematic.

Traditional hard drives store their data in a linear, ordered manner.

Due to the nature of flash memory's operation, data cannot be directly overwritten as it can in a hard disk drive.

Solid State Drives (SSD) and flash storage are unique and complex devices that provide high value to users.

As such, SSD will see a rapid and increased adoption in the marketplace.

Moving forward, the mind set of data removal from the traditional hard drive is changing in how information is accessed and dealt with on a digital level.

What happens if data destruction is unsuccessful?

In the event that data destruction is unsuccessful i.e. if the hard drive fails the data erase process, or if the hard drive is below 80GB, the hard drive is physically destroyed at our facility using an ADISA and DIPCOG approved disc crusher.

All company references including permanent security markings will be removed from equipment, prior to resale. In the event that permanent security markings cannot be removed, equipment will be forwarded for destruction.

Watch a video of our crusher in action here.

What are the benefits of secure data destruction?

Peace of mind:
You can be certain that all our secure data destruction processes more than exceed Government guidelines and are fully compliant with all relevant legislation.

Cost-effective:
Our charges for secure data destruction are competitive and we specify no minimum quantity requirements.

Compliant with legislation:
All CDL data destruction services and processes are compliant with all necessary legislation, including The Data Protection Act of 1998 and The WEEE Directive.

Environmentally friendly:
Our WEEE recycling and disposal services are fully WEEE compliant. CDL guarantee 0% landfill.

Convenient:
We can perform data destruction and hard drive destruction either onsite at your premises or offsite at CDL Headquarters.

Contact CDL today to discuss your data destruction and disposal requirements.

Instant Quotation