Data Destruction Policy
All employees, clients, vendors and contractors have a personal responsibility to keep information secure and confidential. This policy aims to prevent unauthorized disclosure of information assets by the controlled disposal and destruction of media storing confidential data.
All customer data should be disposed of when it is no longer necessary for business use, provided that the disposal does not conflict with our data retention policies, our customers data retention policies, a court order, or any of our regulatory obligations.
- All employees, clients, vendors and contractors are instructed to not use the following media to store confidential information.
- paper-based media
- USB Drives or External Backup programs
- CD ROM drives.
- All cloud based storage media being decommissioned should be sanitized when it is no longer necessary, provided that there is a backup of customer data on production systems to comply with our customers data retention and contractual obligations.
- Laptop based storage media may not be donated or sold. All laptop based storage media should be sanitized prior to transfer of ownership to a co-worker or prior to destruction.
The following table displays the forms of storage media currently in use.
|Media Type||Location||Data Storage Mechanism||Removal Methods|
|Hard Disk Drives||Laptop||Non-volatile magnetic||Clearing, Destruction|
|Solid State Drives||Laptop||Solid state||Clearing,Destruction|
|Amazon S3||Cloud||Non-volatile magnetic|
|Amazon EFS||Cloud||Solid state||(DoD) 5220.22-M|
|Amazon EBS||Cloud||Solid state||(DoD) 5220.22-M|
If comprehensive data removal from the media is not required, then non-specialist staff or contractors may carry out clearing. Typical clearing programs use sequential writes of patterned data, ensuring that data is not easily recovered using standard techniques and programs. To ensure that historical data is thoroughly removed it is advisable to make as many passes as is practicable.
Purging is a more advanced level of sanitization that renders media unreadable even through an advanced laboratory. After removal of media from its current security context there must be sufficient care taken to ensure that data is irretrievable. If purging of the media is required, a minimum of seven passes qualifies as a purging process.
Destroying renders media unusable. Destruction techniques include but are not limited to disintegration, incineration, pulverizing, shredding and melting.
Media Destruction Techniques
Storage Media, which is being decommissioned, will be passed to a specialist contractor for secure disposal.
A) Hard Disk Destruction
Degaussing is a simple method that permanently destroys all data and disables the drive. Degaussing uses a high-powered magnetic field that permanently destroys data on the platters. The recommended specification for data destruction is the SEAP 8500 Type II standard used for classified government material.
B) Solid-State Devices
Solid-state devices normally require the complete physical destruction of the device to ensure that any recovery of data is impossible. Incineration will melt SD cards. Devices such as USB thumb drives should be physically destroyed using brute force methods. As long as appropriate safety methods are in use, non-specialist staff can destroy these devices.
C) Cloud Based(AWS) Devices
“When AWS determines that media has reached the end of its useful life, or it experiences a hardware fault, AWS follows the techniques detailed in Department of Defense (DoD) 5220.22-M (“National Industrial Security Program Operating Manual”) or NIST SP 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process.” P.39 AWS Security Best Practices White paper
Data Removal and Destruction Management
Once a specialist company or contractor has processed the media, there should be a procedure for verification of data removal. It is important to maintain an effective method of managing the process of data destruction. This ensures that all media requiring cleaning or destruction is correctly organized and properly audited. Tracking of hard disk serial numbers should be used a bare minimum for individual component tracking.