Newsletter Sign-Up

Receive the latest technology news and information.

Sidebar: Best Practices for Data Destruction

By Robert L. Mitchell

January 31, 2005 12:00 PM ET

Computerworld - Here's a summary of best practices used by Vince Tuesday when using an IT equipment disposal vendor to ensure complete destruction of all data. Tuesday (not his real name) is a security manager at a large financial services company and a former contributor to Computerworld's Security Manager's Journal.

Physical Disposal Practices

Items to be removed from site are placed in a storage area within the organization's IT premises.

Removable drives are checked, asset tags are scanned, and a report of the assets to be removed is generated for final checking and audit-trail purposes.

Once the report is signed off on, items are removed from the site. Specific security guidelines for transportation are enforced, such as providing access to known, registered personnel only; conducting security checks on courier staff; using unmarked vans and specifying that vans may not be left unattended or unlocked; and so on.

When arriving at the supplier's facility, the assets are booked into the supplier's system. A report is sent immediately for comparison with the removal report to ensure that all assets were received.

Prior to processing, equipment is held separately from that of other customers.

Company tags are removed during processing, before disposal or resale.

Unannounced inspections of the supplier's premises are permitted in the contract.

Data Sanitization Practices

Data is wiped using a DOD three-pass algorithm with software certified by authorities such as the British Communications Electronic Security Group (baseline and enhanced), U.S. Department of Defense (DOD 5220.22-M) plus other international standards. This service is used on servers (Unix and Intel-based), disc arrays, laptops, desktops and PDAs.

When the disk can't be accessed, it is removed and and then drilled in order to destroy it. The system unit is then recycled as component spares.

If removable media is found, it is offered to the customer for secure return or destruction.

On completion of data erasure, a certificate (per batch) is provided to the customer.

Printers and faxes have their memories purged using setup menus (or via a disk erasure utility, if it has a hard disk).

Mobile phones are wiped by checking for SIM cards (and returning if found) and erasing via menus.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Hardware

Additional Resources

WHITE PAPER

Do You Know the 7 Steps to Successful Data Migration?

Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.

WHITE PAPER

Total Cost of Ownership of Server Computing Vs. PCs

Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.

WHITE PAPER

IDC White Paper: Linux in a Global Recession

Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Informatica 9 Launch: Transform your Business. Transform your world.

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

Faster, Cheaper and Easier to Maintain
Can you afford not to upgrade your servers to today's advanced, energy-efficient technologies?

Top to Bottom Performance Management Excellence at the City of Chicago
View now.

Do more with less thru Netcool?
Learn how IBM Tivoli® Netcool® solutions can help service providers streamline their operations, improve responsiveness and reduce costs.

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

IDC report: Profitability and OSS Support: A Return on Investment Analysis of IBM Tivoli Netcool
IDC studied 14 mobile and fixed-line service providers that implemented Tivoli® Netcool® and found that IBM Tivoli Netcool can help in big ways.

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

IBM Systems Makeover Analysis for Oracle Environments
This brochure shows how the IBM Systems Makeover Analysis takes a look at your current Oracle hardware infrastructure, then proposes a high-level future...

Strategies for Driving Down IT Support Costs with Lite ITIL Practices
View this now!

Lower your IT costs and risks: Get a server makeover
Find out how a server makeover analysis can help you develop a high-level roadmap for your infrastructure.

Mitigate Risk, Lower Costs and Improve Network Efficiency
Create a stable IP network that not only meets today's challenges, but is flexible enough to also meet future demands.

All White Papers | All Webcasts