Data Destruction is the process of destroying data stored on tapes, hard disks, and other forms of electronic media so that it is completely unreadable and cannot be accessed or used for unauthorized purposes. Every company, across all industries, faces the risk of data breaches, identity theft, and business fraud because of the presence of data on retired digital assets. In fact, 40% of tested IT equipment still contains personally identifiable information (PII) of the hardware’s original owners, according to the National Association for Information Destruction (NAID). The unintentional mismanagement of critical company and personal data stored within company-managed electronics puts your company at risk for damage to your brand and reputation; loss or theft of intellectual property and critical customer information; compliance and privacy law fines; and even criminal charges.
Understanding the gravity of these concerns, United Electronic Recycling has developed data destruction procedures using the highest level of compliance that guarantees the permanent destruction of your data. Your company can rely on UER’s Data Destruction management process to be your solution, ensuring that all data is destroyed and irrecoverable, adhering to the highest industry standards, and including required regulatory and corporate compliance documentation. Upon completion, you will be provided with a Certificate of Destruction, ensuring your full compliance with state and federal privacy laws, including FACTAA and HIPAA.
Beyond hard drives, many other electronic devices are recommended for data destruction. This includes CDs and DVDs, cell phones, hard and floppy disks, memory sticks, USB drives, backup tapes, ID badges, and any other items with sensitive data.
Best Practices in Data Destruction
The best solution for data destruction for your company will depend on the type of media, the sensitivity of the data, and the end-of-life value of your assets. Many companies will attempt to perform data destruction in the house, typically less time and cost-effective.
Ideally, your chosen company will have the on-site capacity for destroying data. This level of service is the most labor-intensive, which makes it the highest cost method, but it provides the tightest custody chain possible.
It is often more cost-effective to physically ship hardcopy software and hardware to a destruction facility. Ideally, your destruction company will provide tracking of your assets and security measures to keep your data safe throughout the destruction process.
Options for Disposal of Digital Data
Data Destruction regulatory standards:
- The Department of Defense Standard (DOD 5220.22M)
- NIT 800-88 Guidelines for Media Sanitization
- The Media Sanitization Guidelines as promoted by the IRS.
The three primary methods of data destruction are readily explained in the IRS’s Media Sanitization Guidelines, which outline the following:
- Clearing information: This is a drive wipe for average-level threats and is the most basic data destruction option offered. This erasure method usually works well for companies that want to retain or sell their hard drives. It also tends to be the most affordable option.
- Purging information: This is an advanced form of drive wipe for businesses that may experience advanced technology attacks. Security measures are higher, and after service, the company should retain hard drives for reuse or resale.
- Destroying the drive: This is the highest level of protection against data theft, as it ensures that absolutely no trace of any information is left behind in the process. All memory is physically shredded, burnt, or smashed. As a result, the drive becomes unusable.