The issue of securely destroying electronic data in order to maintain privacy is one that touches us all. This is the case whether you represent an organization or an individual, and whether you are very familiar with the threat, or have not yet fully assessed it. At Computation Ltd. we have developed our secure data destruction and threat analysis services to eliminate the liability associated with data theft and loss. Ensuring secure data destruction when your data is no longer required, or when the equipment which stores it is being disposed of can often become a forgotten or neglected step.
Computation Ltd. has developed a suite of state-of-the-art techniques to ensure that any data destruction requirement can be met. In dialogue with our clients, the most suitable method is chosen. The most popular techniques are described below:
Disk Wiping Software
Using specialized software which operates according specifications outlined in white papers published by the RCMP, and US Department of Defence, hard-disks are sanitized. The sanitization process involves each bit of data on a hard-disk being overwritten by an arbitrary value between 3 - 30 times.
Mechanical damage and melting
Should it be deemed appropriate, mechanical means of data destruction are employed. This is a two-stage process. In the first step the hard-drive platter is punctured by a drill bit. Once each hard-drive in a project has been punctured, all units are collected and sent to a smelter, where they are melted.
Equal in importance to the process we apply in destroying data is the means by which we track and report our progress on a project. Please see our section on Asset Management & Reporting for more information on this topic.
With the incidence rates and visibility of identity theft, and corporate espionage on the rise it is important that secure data destruction be considered with the seriousness it deserves in order to stay ahead of the game. Simultaneously, governments are passing legislation and regulations which place the responsibility of data security squarely on the shoulders of those organizations which collect data. In Canada and the United States applicable laws and regulations include: PIPEDA, GLBA, Sarbanes-Oxley, ISO-17799, ISO-20000 and ISO-27001.