WHAT IS DATA SANITIZATION AND WHY DOES IT MATTER?
Disposal of surplus information technology (IT) equipment without taking appropriate measures to sanitize the data stored on the system’s media can lead to the disclosure of sensitive information, embarrassment, costly investigations, bad publicity, and other negative consequences. Businesses and Federal agencies must establish policies and procedures to ensure the proper destruction of sensitive information.
The two techniques commonly used for data sanitization are:
- The Privacy Act of 1974
- The Computer Security Act of 1987
- The Computer Matching and Privacy Protection Act of 1988
- The Electronic Communications Privacy Act
- The Gramm-Leach-Bliley Act
- The Health Insurance Portability & Accountability Act (HIPAA)
AnythingIT erases hard drive data to Department of Defense standards. The DoD 5220-22M Standard States: Non-Removable Rigid Disks” or hard drives must be sanitized for reuse by “Overwriting all addressable locations with a character, its complement, then a random character and verify.”
The DoD 5220.22-M sanitization method was originally defined by the US National Industrial Security Program (NISP) in the National Industrial Security Program Operating Manual (NISPOM) and is one of the most common sanitization methods used in data destruction software.
Whether an organization recycles their IT equipment, resells it, or redeploys it, removal and shredding of the hard drive is the most complete way to ensure that all data is non-retrievable. Our in house, state-of-the-art shredder provides the most efficient data and device destruction in the industry. Devices we shred include:
- Hard drives
- Storage media
- Plastics and metals
- Thumb drives
- Most data devices