With the use of increasingly sophisticated encryption, an attacker wishing to gain access to an organization’s sensitive information is forced to look outside the system itself for that information. One avenue of attack is the recovery of supposedly deleted data from media. Residual data may allow unauthorized individuals to reconstruct data and thereby gain access to sensitive information. Sanitization can be used to thwart this attack by ensuring that deleted data cannot be easily recovered.
Hard Drive Shredding
Hard drives and other components store valuable and confidential data. Electronic information is already covered by HIPAA and FACTA for businesses, but shredding is ultimately the best solution for outdated hard drives and other information storage units. All hard drives and other storage devices are securely locked under 24/7 video surveillance until wiped or destroyed. Sunnking can provide serialization of every hard drive, secure lock boxes sent to your location, and Certificates of Destruction (COD).
Hard Drive Data Wiping
Information assets possess large volumes of confidential data and protecting this data is imperative. The high cost of data breaches and the risk of data leaks means that proper steps must be taken to ensure the complete and secure disposal of sensitive information. Organizations must have a detailed audit trail as evidence of the steps taken to prevent data leaks. Failure to comply could result in financial loss, damage to a company's reputation, and civil and criminal liability. All hard drives are electronically wiped of all personal data and information and/or shredded.
Security & Confidentiality of Customer Information
- Controlled warehouse access using HID card readers
- Employee and visitor ID badges
- 24/7 video surveillance
- ADT Security Agency
- Documented chain of custody
- Asset tag removal
- No outsourced data destruction
- Certificate of data destruction
- Member of NAID
Compliant with Regulations Pertaining to Secure Erasure of User Data for Drive Disposal or Reuse
- R2 Certification
- HIPAA (Health Insurance Portability and Accountability Act)
- FACTA (The Fair and Accurate Credit Transactions Act of 2003)
- SBA (Sarbanes-Oxley Act)
- PIPEDA (Personal Information Protection and Electronic Documents Act)
- GLBA (Gramm-Leach-Bliley Act)
- California Senate Bill 1386
- Member of NAID (National Association for Information Destruction)
- SEC Rule 17a
- NIST 800-88 (National Institute of Standards and Technology)
- Department of Defense
- Proprietary automated system
- High-volume, low unit cost
- All media formats supported (SATA, IDE, SCSI, FC, SAS, SS)
- Record keeping, event & status logs for each drive
- 100 Hp Shred Tech ST100 Shredder & 40 Hp Shred Pax AZ45 Shredder
More Effective Than Standard Commercial Products
- DBAN and other similar tools are capable and effective tools for erasing information stored on magnetic media hard disk drives. However, we feel that Sunnking’s HDD Sanitization process offers several technical and operational advantages over DBAN and other tools. These consist of the following;
- Secure erase using built in drive commands on later model ANSI ATA and SATA disk drive interfaces.
- Pre and post interrogation of drive SMART data to evaluate the “robustness” of the HDD.
- Turnkey operation – with the exception of connecting and disconnecting the HDD, all aspects of the wiping process are automated, including the creation of data base logs of the details of the wiping process, regardless of the pass/fail status.
Data Sanitization in Hard Disk Drives
- Three basic HDD sanitization levels can be defined: Weak Erase (deleting files), Block Erase (overwrite by external software), and Secure Erase (current drives). *Sunnking utilizes Secure Erase which is a drive command defined in the ANSI ATA and SCSI disk drive interface specification and is built in to the drive hardware. It addresses the HPA issue and completes in about 1/8 the time of 5220 block erasure but still conforms to the ‘erase verify’ requirements of DoD 5220.
- Weak Erase
- Average Time (100 GB): Minutes
- Security: Very Poor
- Comments: Deletes only file pointers, not actual data
- Block Erase
- Average Time (100 GB): Up to several days
- Security: Medium
- Comments: Needs 3 writes + verify, cannot erase reassigned blocks
- *Secure Erase (Sunnking's Process)
- Average Time (100 GB): 1/2 - 2 Hours
- Security: High
- Comments: In-drive overwrite of all user accessible records