Data Destruction Policy

Last Modified: June 15th 2018

Overview

All employees, clients, vendors and contractors have a personal responsibility to keep information secure and confidential. This policy aims to prevent unauthorized disclosure of information assets by the controlled disposal and destruction of media storing confidential data.

Policy

All customer data should be disposed of when it is no longer necessary for business use, provided that the disposal does not conflict with our data retention policies, our customers data retention policies, a court order, or any of our regulatory obligations.

  • All employees, clients, vendors and contractors are instructed to not use the following media to store confidential information.
    • paper-based media
    • USB Drives or External Backup programs
    • CD ROM drives.
  • All cloud based storage media being decommissioned should be sanitized when it is no longer necessary, provided that there is a backup of customer data on production systems to comply with our customers data retention and contractual obligations.
  • Laptop based storage media may not be donated or sold. All laptop based storage media should be sanitized prior to transfer of ownership to a co-worker or prior to destruction.

Scope

The following table displays the forms of storage media currently in use.

Media TypeLocationData Storage MechanismRemoval Methods
Hard Disk DrivesLaptopNon-volatile magneticClearing, Destruction
Solid State DrivesLaptopSolid stateClearing,Destruction
Amazon S3CloudNon-volatile magnetic(DoD) 5220.22-M
Amazon EFSCloudSolid state(DoD) 5220.22-M
Amazon EBSCloudSolid state(DoD) 5220.22-M

Removal Classifications

A) Clearing

If comprehensive data removal from the media is not required, then non-specialist staff or contractors may carry out clearing. Typical clearing programs use sequential writes of patterned data, ensuring that data is not easily recovered using standard techniques and programs. To ensure that historical data is thoroughly removed it is advisable to make as many passes as is practicable.

B) Purging

Purging is a more advanced level of sanitization that renders media unreadable even through an advanced laboratory. After removal of media from its current security context there must be sufficient care taken to ensure that data is irretrievable. If purging of the media is required, a minimum of seven passes qualifies as a purging process.

C) Destroying

Destroying renders media unusable. Destruction techniques include but are not limited to disintegration, incineration, pulverizing, shredding and melting.

Media Destruction Techniques

Storage Media, which is being decommissioned, will be passed to a specialist contractor for secure disposal.

A) Hard Disk Destruction

Degaussing is a simple method that permanently destroys all data and disables the drive. Degaussing uses a high-powered magnetic field that permanently destroys data on the platters. The recommended specification for data destruction is the SEAP 8500 Type II standard used for classified government material.

C) Solid-State Devices

Solid-state devices normally require the complete physical destruction of the device to ensure that any recovery of data is impossible. Incineration will melt SD cards. Devices such as USB thumb drives should be physically destroyed using brute force methods. As long as appropriate safety methods are in use, non-specialist staff can destroy these devices.

D) Cloud Based(AWS) Devices

“When AWS determines that media has reached the end of its useful life, or it experiences a hardware fault, AWS follows the techniques detailed in Department of Defense (DoD) 5220.22-M (“National Industrial Security Program Operating Manual”) or NIST SP 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process.” P.39 AWS Security Best Practices White paper

Data Removal and Destruction Management

Once a specialist company or contractor has processed the media, there should be a procedure for verification of data removal. ​It is important to maintain an effective method of managing the process of data destruction. This ensures that all media requiring cleaning or destruction is correctly organized and properly audited. Tracking of hard disk serial numbers should be used a bare minimum for individual component tracking.