Your data security is certified and auditable
We meet the most stringent global standards and compliance for data sanitization, including specialized industry requirements.
Once every asset to be decommissioned has been identified, Teraware goes to work. Teraware’s agent-based architecture scales to any size job; whether it’s one drive or 100,000, Teraware erases all drives concurrently, minimizing your data exposure risk window. NIST 800-88 is descriptive with regard to media types, chain of custody, methods of destruction and reporting. ITRenew follows NIST 800-88 and goes a step further, exceeding all industry standards and compliance.
The Asset Disposal & Information Security Alliance (ADISA) offers accreditation to companies that maintain the highest standards in IT asset disposal and data sanitization. Only nine companies worldwide are expected to achieve ADISA data sanitization accreditation for both HDDs and SSDs in 2020.
Protecting sensitive data is critical, whether that data pertains to personal health, financial records or simply the guaranteed privacy of customers or clients. Our reporting standards and are derived from different global audit stipulations and compliance regulations; we meet or exceed best practices for handling patient data, cardholder data and much more.
Healthcare compliant, including meeting requirements of the Health Insurance Portability and Accountability Act (HIPAA)
Financial services-compliant, including meeting Payment Card Industry (PCI) and Securities and Exchange Commission (SEC) standards
Your industry or company may have its own security standards and compliance. We are confident we meet or exceed them.
Sanitization Method | Overwrites | Passes | COS |
---|---|---|---|
NIST 800-88 (1-pass)* | 1-pass | 0x00 + Verify0x 00 | Yes |
NIST 800-88 (3-pass) | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
Australia DoD ISM 6.2.92 | 1-pass | PRNG + Verify PRNG | Yes |
Canada CSEC ITSG-06 | 3-pass | 10x00, 0xFF, PRNG + Verify PRNG | Yes |
Canada RCMP TSSIT OPS-II | 7-pass | 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xff, PRNG + Verify PRNG | Yes |
New Zealand NXSIT 402 | 1-pass | PRNG + Verify PRNG | Yes |
NISP DoD 5220.22-M (ECE) | 3-pass | 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, PRNG + Verify PRNG | Yes |
NSA NCSC-TG-025 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
UK CESG/GCHQ HMG IS5 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
US Air Force AFSSI-5020 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
US Army AR 380-19 | 3-pass | Random, 0x00, 0xFF + Verify PRNG | Yes |
US Navy NAVSO P-5239-26 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
We rigorously track each serialized asset from wiping to final disposition, giving you a fully traceable audit trail. Nothing falls through the cracks – ever.
All assets to be decommissioned are inventoried. We cross-reference your asset list with our findings down to the component level, enumerating CPUs, DIMMs, controllers, disks and processing attributes. Drives and components are parented to servers and racks, so we always know their provenance. This data establishes a baseline for your audit trail.
Teraware fully wipes all SSD and HDD drives simultaneously, at the rate of 1TB every 2.5 hours. More than 98% of drives are fully wiped (well above industry standards); 100% of drives are securely decommissioned. An unlimited number of drives can be wiped in only one to two days.
A Certificate of Sanitization is issued for each wiped drive. Failed drives are destroyed at your facility, if that’s your company policy, or removed to our facility for final disposition. Certificates of Destruction are issued only when drives are shredded. We proudly stand behind our certifications.
Teraware generates a comprehensive report detailing all assets decommissioned. Every single drive is accounted for, including extra or non-conforming disks. Reporting includes attributes such as Rack ID/Rack Asset Tag, Asset Serial Number/Asset Tag, Installed Rack Unit and Server Model.
After wiping, assets are securely transported to an ITRenew facility for processing. Full reconciliation of each serialized asset occurs before any asset leaves your facility. They are loaded into securely sealed trucks with GPS tracking, so you know where they are at all times.
Upon arrival at an ITRenew facility, a cross-check occurs, reconciling all shipped assets against our baseline report. Assets slated for destruction at our facility are shredded and Certificates of Destruction issued.
Assets slated for renewal – through reuse at another of your company’s facilities, remarketing in secondary channels, or breaking down for parts or recycling – are reengineered or disassembled.
Every component of every asset is identified and tracked throughout its lifecycle. If and when auditors spot-check you, this step-by-step reporting gives you a complete paper trail detailing your end-to-end chain of custody.
Our Certificates of Sanitization and Destruction are guaranteed, so you can rest assured that your company is protected throughout the decommissioning process. We stand behind our guarantee and assume financial liability for any outcomes.
In numerous tests performed by independent forensics labs, no data has ever been found on a Teraware-wiped drive. Ever. Our clients have all received flawless results on audits by top-tier, independent auditors.