#on #site #hard #drive #shredding
DESTRUCTION AND DISPOSAL OF HARD DRIVES,
ICT EQUIPMENT, MEDIA SENSITIVE ELECTRONICS, SECURE LOGISTICS
We will decommission anything from a single hard drive or small part of a helicopter to a data centre or storage facility. This includes both data-bearing and non data-bearing components.
We offer these services at the customer’s own premises using our mobile inventory cataloguing and destruction capability which enables all work to take place within your own security perimeter under the supervision of your own staff. Alternatively, we provide a fully auditable disposal and recycling process at our own facilities which incorporate detailed reporting on every item received, a method statement and the final outcome for each asset.
Data Eliminate is one of only a handful of secure disposal companies in the UK to be approved by the Ministry of Defence Equipment Support Services (DE S). We are the only one with a shredding and disposal facility in Central London .
We offer One-Off (Single Job) Data Destruction Services or Annual Destruction Contracts covering the shredding, degaussing, crushing and software overwriting of electronic media from hard drives, data tapes to mobile devices. We remove eclectronic waste (WEEE) from site and provide recycling and reburbishment services.
Sensitive information is securely destroyed and the risks presented by data disposal are removed. We have robust, UKAS audited data destruction procedures. All destruction and shredding services are certified to ISO 27001: 2005 (The International Information Security Standard), ISO 9001 (The Quality Standard) and ISO 14001 (The Environmental Standard)
Certain secure disposal services can be purchased directly from the internal MOD P2P and the ICS Catalogue. We are specialists in CESG MOD Approved Hard Drive Media Shredding, Data Disposal and Secure Shredding.
SHREDDING DESTRUCTION – ON-SITE AND OFF-SITE SERVICES
Data Eliminate provides secure decommissioning, disposal and recycling services for Electrical and Electronic Equipment (EEE). The assets covered by these services include:
BENEFITS OF DATA DESTRUCTION AND DISPOSAL VIA SHREDDING
AVOID ADVERSE PUBLICITY reduce the risks of legal, financial and Public Relations disasters in disposing of hard drives which could arise from a data security incident.
AVOID FINES SIMPLIFY COMPLIANCE with UK, EU and international regulations on privacy, data protection and data disposal.
RECYCLE RESPONSIBLY – we offer service options that ensure your IT equipment is dissembled and disposed of correctly. Some can be re-used by charities and good causes.
ENJOY PEACE OF MIND by reassuring customers, staff, other stakeholders and yourself that you are serious about the shredding of HDDs and secure data disposal.
PREVENTING YOUR HARD DISCS AND BACK-UP TAPES BECOMING A DATA DISPOSAL LIABILITY
We don’t expect to be kidnapped or die in a shredding machine. In the same way, as companies or individuals, we also don’t expect to see our old hard disk up for sale on eBay or at a second hand computer fair, when it still contains confidential information about us, our company or its customers. However, a recent international study has shown that this is more likely to happen to our HDDs than one would think.
Confidential Data Destruction
How confident are you in knowing where your data is going?
BT teamed up with the University of Glamorgan to conduct some research into the destruction of data.
300 hard drives were bought at computer fairs or via web stores and disposal auctions in the UK, Germany, France, United States and Australia. The confidential data on them was then examined. Between 35-40% of the hard disks held commercially sensitive data and should have been shredded. These included HDDs holding NHS patient records and intellectual property. One hard drive disposed of by a US source contained launch codes from a missile system!
In the first instance, the obvious move is to choose an accredited supplier with proper HDD shredding capability. The CCT Mark secure disposal scheme run by CESG, part of Cheltenham GCHQ, is the most obvious example of this.
The second action point is to make sure that the internal person ordering the data destruction services is sufficiently responsible or senior and has a basic understanding of the risks involved in HDD disposal. At Data Eliminate, we find so many cases where a very junior member of staff is charged with the job of disposing of old hard discs and media. In these cases, the appointed person’s number one priority is too often to dispose of the disks and get them off his or her desk.
The crucial thing to remember here is that it’s people who represent the biggest security threat through dishonesty, lack of education or sloppiness– not computers or hard discs. So the most obvious risks come into play when you destroy the hard drives offsite as opposed to shredding on-site. With on-site destruction, as the customer you can witness the shredding or destruction process and be sure it is completed to your satisfaction.
With off-site destruction, you are at the mercy of the chain of custody between the collection from your premises and the final place of destruction. Does your data destruction supplier vet their staff and offer other security measures to reduce the chance of the pilfering of a disk or data tape? A simple security measure, in the case of off- site destruction, might be for the service provider to call and confirm that the quantity of items that are about to be processed at the destruction facility, is the same as the quantity handed to their driver. In many cases, sealed security containers may also be used for this purpose.
Data Disposal Policy
A simple way in which you can begin to protect yourself is by having a data classification system in place. This involves labeling documents, files, IT equipment and other items according the value of the data held on them. HMG Government uses a protective marking scheme which provides a good example. There are six ‘impact levels’ within the government protective marking system. Level 1 is ‘HMG Unclassified’, Level 2 is ‘HMG Protect’, Level 3 is ‘HMG Restricted’, Level 4 is ‘HMG Confidential’, Level 5 is ‘HMG Secret’ and Level 6 is ‘HMG Top Secret’. Different policies exist for the daily treatment and final destruction of data from paper to hard drives and data tapes according to its level of security classification or the ‘impact’ a leak of the information might have. Obviously, Level 6 information might comprise NATO’s battle plans and will receive more protection than medical records (as in the case above) which might be Level 2 ‘Protect’.