Secure Hard Drive Sanitation

Today’s storage environment is rapidly evolving with data possibility passing thought multiple organizations, systems, and storage media in its lifetime. As a result, an increasing number of companies like ours are responsible for effectively sanitizing media. The effective management of information from inception through disposition is the responsibility of all those who hold the data from your business to ours. This is why it is very important to choose the right company to handle the sanitation of your data. We Buy Used IT Equipment follows sophisticated methods to ensure that sensitive data is effectively protected. We make sure that access to your data is infeasible. We will help your organization in making practical sanitations decisions based on the confidentiality of your information.

Two types of secure data sanitation

Purge

Our preferred method of data eradication is secure eraser of hard drives. This method is preferred because it provides complete, secure and cost effective data destruction, yet leaves the physical drive undamaged so that it can be reused. To effectively eradicate your data, We Buy Used IT Equipment follows the recommendations of the U.S. Department of Defense of following NIST as the best method for secure data eradication.

Physical Destruction

The process of physically damaging the medium so that it is not useable in a computer and so that no known exploitation method can retrieve data from the medium.

Major Legal and Regulatory Frameworks:

DOD

The DoD 5220.22-M has been the most popular of all wiping methods as it was designed in 90’s through the Department of Defense in the United States. The method involves three overwriting passes with a random patterns of ones and zeros written onto the disk. Many increased the three pass method to seven but ultimately the recommended methodology has changed to the NIST system. In more recent years the DOD has referenced NIST as the more secure way to handle the eradication of hard disks.

NIST

The NIST 800-88 is the newest method that has taken precedence over DoD. After much debate of overkill on the DoD method, the Department of Commerce created this method in 2014. NIST accepts the manufacturer’s methods of erasure but also sets a basic guideline to meet: 1-pass wipe and 1-pass verify. The summary of NIST is: If the media will be reused, and will be leaving organization control then purging should be selected as the sanitization method. If the media will be reused, and will not be leaving organization control then clearing is a sufficient method of sanitization. If the media will not be reused at all, then destroying is the method for media sanitization.

Summary of NIST Sanatization Types:
Media TypeClearPurgeDestroy
Hard DrivesOverwriteSecure Erase, degauss, or disassemble and degauss the enclosed plattersDisintegrate, pulverize
SOX

The Sarbanes-Oxley Act of 2002 was designed to ensure financial and accounting data stayed secure. There is no specific method of wiping specified in the SOX act, but it requires a company to have a plan in place for keeping data secure.

HIPAA

The HIPAA Privacy Rules by the Department of Health and Human Services was designed to keep our health information secure. Similar to the SOX act, there is no method of wiping specified. However, to meet this compliance companies with client health information must securely destroy data for drives that are to be discarded.

We provide a data destruction certificate for every order.

Sample Data Destruction Certificate