Delete doesn’t mean delete, just simply deleting data, resetting a mobile device or reformatting a disk does not actually remove the data. For example, the factory reset of mobile devices only reverts devices to factory settings and in some instances, some user data remains intact.
If you only use the above methods as the sole means for data erasure, you can run the risk of a security breach. This puts the company at risk of regulatory noncompliance, stolen data, data in the hands of criminals and ultimately brand and reputation damage. The only way to permanently destroy data without physically harming the hard disk is to use overwriting software. This ensures that the drives are completely cleansed of recoverable data. Not only must the data be destroyed, but the destruction must also be verified.
Concept Management uses Blancco Overwriting Software that can be performed both at customer premises or at our ISO9001, 14001 and ISO2701 certified premises. Blancco are one of the largest and most respected data sanitation companies and their software systems are CESG approved. The system overwrites to CESG Standards, British Standard Infosec Enhanced Standard 5. This standard dictates that the drive has to be overwritten a minimum of 3 times. This also overwrites to HMG Impact Level 5 (IL5)
What is absolutely essential is that you choose a certified hard drive destruction company who can demonstrate experience, accreditations and uses the right equipment. The Information Commissioner’s Office now polices the Data Protection Act much more vigorously than it has in the past and has handed out the highest fine for a data breach. This was action against Brighton and Sussex NHS and they were fined £325,000.
There are key requirements you must consider when choosing an IT asset disposal partner. The ICO states you must take reasonable steps to ensure no data breaches, but sometimes these occur and something goes wrong and if the worst happens, you need to be in a position to defend yourself.
The importance of choosing the correct partner that is certified is paramount, as it gives you the peace of mind that there can be no data breaches, the equipment is disposed of safely, securely and ethically and lastly, it gives an auditable trail that satisfies the ICO and the WEEE Directive.