Certified Data Destruction
At Tamite Secure IT we spend most of our time trying to prevent data loss in all of its forms, ironically the secure destruction of data is also a very important part of the Tamite Secure IT proposition.
When you dispose of your IT assets, anything that has a hard drive or the ability to store data the problem you face is how do you ensure that the data on the device has been finally and irrevocably destroyed; in addition you need to show an audit trail for compliance purposes.
Tamite Secure Data Destruction use White Canyons WipeDrive to ensure complete destruction, certification and Documentation to provide a complete Audit Trail to government prescribed standards.
Data destruction services can be provided to your business in three ways:
We provide a complete on site data destruction and documentation project on your site using our own experienced technicians.
You send your devices to us and we carry out the data destruction and documentation on our site
We are resellers of White Canyon WipeDrive and will be happy to supply you with any of their products.
WipeDrive is the world leader in secure data destruction.
WipeDrive allows corporations and government entities to permanently and securely erase data from hard drives, removable media, and mobile devices, providing a cost-effective, secure, and socially responsible way of recycling and retiring computer storage.
The Most Highly-Certified Wiping Software on the Market
WipeDrive is the only wiping software in the world that meets NIAP’s EAL4+ security standard and is approved by the U.S. Department of Defense. According to the NSA, data deleted with WipeDrive is “permanently destroyed as to make any type of forensic data recovery impossible.”
How Can I Use WipeDrive?
Securely and cost-e_ectively manage your corporate storage hardware end-of-life cycle.
Multiple deployment methods allow you to wipe storage on individual computers, via a PXE con_guration, or remotely.
Erase drives on computers in branch or remote locations before moving them.
Wipe Computers Remotely
WipeDrive’s RemoteWipe functionality allows you to erase hard drives remotely without having to install a thin client. You can wipe computers in remote locations from a centralized IT department without deploying technicians to the location.
Flexible reporting options allow you to generate and store reports in whatever format you need, be it PDF, text _le, or stored in a database. Users can add custom fields to track company-specific data such as unique company IDs or the name of the technician performing the wipe. All reports are secure and auditable.
Flexible Deployment Options
Wipe an individual computer, multiple computers simultaneously, or computers in remote locations. WipeDriveEnter prise allows you to use any of our deployment options so you can wipe how and when you want.
Deployment options include:
Most enterprise clients are happy with WipeDrive Enterprise right “out of the box.” However, we know that some clients have special situations and needs and we welcome the opportunity to customize our software and provide one-on-one consulting accordingly.
Environmentally and Socially Responsible
WipeDrive contributes toward the zero-land-_ll initiative by helping companies re-use and recycle their storage hardware rather than trash it. By wiping and donating your retired storage hardware you not only avoid contributing to the land fill but can help schools or charitable organizations in need of computer hardware.
Customized Solutions Available
- Bootable CD
- USB Drive
- Executable (.exe)
- PXE Network
Major IT Shift from Physical Destruction to Software Wiping
Most fortune 500 companies still physically destroy their hard drives. But companies are starting to realize that physically destroying drives is more expensive, less environmentally unfriendly and less secure than software wiping. By wiping your drives, you receive the same end-effect but can now reuse them within your organization or donate them to schools,
non-profit organizations or other charitable causes. By wiping, you can be sure your hard drives and computers end up in libraries not landfills.
Certification vs. Compliance
There is a significant difference between software claiming to be “in compliance” with standards and software that is “certified” by recognized security organizations. WhiteCanyon doesn’t believe its customers should have to verify that WhiteCanyon software performs as it claims. As a result, its flagship product WipeDrive is certified by the NSA-sponsored National Information Assurance Partnership (NIAP) to the EAL 4+ level, higher than any other software wiping tool (see http://www.niapccevs.org/st/vid10395/).
This certification took over a year and cost literally hundreds of thousands of dollars. As part of the certification process, Booz Allen Hamilton reviewed the WipeDrive source code and ran extensive tests verifying its efficacy in permanently and securely erasing data.
When you see wiping software that claims to “comply” with standards, all it means is that they believe they comply but there is no outside body that has independently verified and authenticated that they comply. Compliance with standards is typically a broad and vague claim that provides no substantiated or regulated statement about a program’s effectiveness.
Risk vs. Cost of Avoiding Risk
We recognize that there is a tradeoff between risk and the cost of avoiding risk. Some organizations may choose to accept a level of risk if the cost is too high to mitigate that risk. However, many of our larger customers, like the Department of Defense, U.S. Air Force and Department of Homeland Security, don’t have the option of accepting any level of risk when it comes to data destruction. Our software is designed with their input to address the highest security needs so all our customers benefit.
We start with each of the published standards (HIPAA, Sarbanes-Oxley, SOX, GLB, PCI-DSS, NIST 800-88) as a minimum security level. Working with our most risk-averse customers we have added features that allow both operational efficiency and increased security such as remote wiping, digitally signed audit logs, faster wiping speed, and fully scripting the wipe process to eliminate human error.
What does the NIAP EAL4+ Certification Mean?
The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have established a program under the National Information Assurance Partnership (NIAP) to evaluate IT product conformance to international standards. The program is officially known as the NIAP Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS).
Part of the EAL4+ standard is a line-by-line source code audit. The purpose of the audit is to certify not only that the software works as intended but also that there are no security holes, malicious or otherwise.
Software certified to the EAL3 level and below do not include this source code review and therefore the user cannot be assured that there aren’t any unseen security holes.
The Conclusion by the National Security Agency
After over a year of testing by the National Security Agency (NSA) and Booz Allen Hamilton (www.boozallen.com), an international independent Consulting Firm, NIAP summarized WipeDrive’s
performance as follows:
“WipeDrive is a disk sanitizing tool that permanently erases all data from hard drives and other data storage devices. This includes but is not exclusive to: HPA partitions, DCO partitions,
remapped sectors, operating systems, programs, and user files. This data is permanently destroyed as to make any type of forensic data recovery impossible.“