Your data security is certified and auditable
We meet the most stringent global standards for data sanitization, including specialized industry requirements.
NIST 800-88
Once every asset to be decommissioned has been identified, Teraware goes to work. Teraware’s agent-based architecture scales to any size job; whether it’s one drive or 100,000, Teraware erases all drives concurrently, minimizing your data exposure risk window. NIST 800-88 is descriptive with regard to media types, chain of custody, methods of destruction and reporting. ITRenew follows NIST 800-88 and goes a step further, exceeding all industry standards
An ADISA-Certified Company
The Asset Disposal & Information Security Alliance (ADISA) offers accreditation to companies that maintain the highest standards in IT asset disposal and data sanitization. Only nine companies worldwide are expected to achieve ADISA accreditation in 2019; ITRenew is the only ADISA-certified company in the United States. Milestones include:
- Passed ADISA Threat Matrix Level 2: the only software to have done so
- 17 Certificates for Forensic Data Erasure of SSDs and HDDs
Vertical industry standards, met or exceeded
Protecting sensitive data is critical, whether that data pertains to personal health, financial records or simply the guaranteed privacy of customers or clients. Our reporting requirements are derived from different global audit stipulations and compliance regulations; we meet or exceed best practices for handling patient data, cardholder data and much more.
Healthcare
Healthcare compliant, including meeting requirements of the Health Insurance Portability and Accountability Act (HIPAA)
Financial Services
Financial services-compliant, including meeting Payment Card Industry (PCI) and Securities and Exchange Commission (SEC) standards
Secure, specialized processing
Your industry or company may have its own security standards. We are confident we meet or exceed them.
Global Standards Met
| Sanitization Method | Overwrites | Passes | COS |
|---|---|---|---|
| NIST 800-88 (1-pass)* | 1-pass | 0x00 + Verify0x 00 | Yes |
| NIST 800-88 (3-pass) | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
| Australia DoD ISM 6.2.92 | 1-pass | PRNG + Verify PRNG | Yes |
| Canada CSEC ITSG-06 | 3-pass | 10x00, 0xFF, PRNG + Verify PRNG | Yes |
| Canada RCMP TSSIT OPS-II | 7-pass | 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xff, PRNG + Verify PRNG | Yes |
| New Zealand NXSIT 402 | 1-pass | PRNG + Verify PRNG | Yes |
| NISP DoD 5220.22-M (ECE) | 3-pass | 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, PRNG + Verify PRNG | Yes |
| NSA NCSC-TG-025 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
| UK CESG/GCHQ HMG IS5 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
| US Air Force AFSSI-5020 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
| US Army AR 380-19 | 3-pass | Random, 0x00, 0xFF + Verify PRNG | Yes |
| US Navy NAVSO P-5239-26 | 3-pass | 0x00, 0xFF, PRNG + Verify PRNG | Yes |
A fully traceable audit trail
We rigorously track each serialized asset from wiping to final disposition, giving you a fully traceable audit trail. Nothing falls through the cracks – ever.
Asset discovery
All assets to be decommissioned are inventoried. We cross-reference your asset list with our findings down to the component level, enumerating CPUs, DIMMs, controllers, disks and processing attributes. Drives and components are parented to servers and racks, so we always know their provenance. This data establishes a baseline for your audit trail.
Drives wiped
Teraware fully wipes all SSD and HDD drives simultaneously, at the rate of 1TB every 2.5 hours. More than 98% of drives are fully wiped (well above industry standards); 100% of drives are securely decommissioned. An unlimited number of drives can be wiped in only one to two days.
Certificates issued
A Certificate of Sanitization is issued for each wiped drive. Failed drives are destroyed at your facility, if that’s your company policy, or removed to our facility for final disposition. Certificates of Destruction are issued only when drives are shredded. We proudly stand behind our certifications.
Report generated
Teraware generates a comprehensive report detailing all assets decommissioned. Every single drive is accounted for, including extra or non-conforming disks. Reporting includes attributes such as Rack ID/Rack Asset Tag, Asset Serial Number/Asset Tag, Installed Rack Unit and Server Model.
Drives Transported
After wiping, assets are securely transported to an ITRenew facility for processing. Full reconciliation of each serialized asset occurs before any asset leaves your facility. They are loaded into securely sealed trucks with GPS tracking, so you know where they are at all times.
RECONCILIATION
Upon arrival at an ITRenew facility, a cross-check occurs, reconciling all shipped assets against our baseline report. Assets slated for destruction at our facility are shredded and Certificates of Destruction issued.
RENEWAL
Assets slated for renewal – through reuse at another of your company’s facilities, remarketing in secondary channels, or breaking down for parts or recycling – are reengineered or disassembled.
AUDIT COMPLIANCE
Every component of every asset is identified and tracked throughout its lifecycle. If and when auditors spot-check you, this step-by-step reporting gives you a complete paper trail detailing your end-to-end chain of custody.
We track every serialized asset, every step of the way, giving you 100% documented traceability, end to end
We guarantee our work — literally.
Our Certificates of Sanitization and Destruction are guaranteed, so you can rest assured that your company is protected throughout the decommissioning process. We stand behind our guarantee and assume financial liability for any outcomes.
- Peace of mind, guaranteed
- We assume financial liability
We stand by our results.
In numerous tests performed by independent forensics labs, no data has ever been found on a Teraware-wiped drive. Ever. Our clients have all received flawless results on audits by top-tier, independent auditors.
- Clean wipes, every time
- Perfect audit scores