Hard Drive Shredding New York Style

Posted by Frank Milia

Jan 13, 2015 8:55:00 AM

ITAMG regularly provides IT disposal and data destruction services to our clients with offices and data centers in New York City. Recently we have had a lot of new clients ask us how it’s even possible for us to provide onsite hard drive shredding services in the chaotic New York environment. This post provides a quick explanation of how we manage obstacles and securely destroy electronic media in one of America’s most bustling cities.

Hard Drive Shredding NY

Parking in New York City can be a nightmare. The industrial shredding equipment used to shred hard drives weighs thousands of pounds and is mounted on a large box truck (similar to paper shredding trucks you may be more familiar with). Most loading docks in New York City are extremely busy and located indoors, so idling and shredding drives at a dock is not an option due to congestion as well as health and safety concerns.

In order to get the work done curbside our crew will first scan and capture the serial numbers of the drives and then place the media into a locked container while still inside the client’s space. They then transport the locked containers, which are on wheels, down to the mobile shredding truck.

When there are no available parking spaces in the area we may be required to park several blocks from the client’s location. Although the client may be forced to get some unexpected exercise by taking a walk to the truck, he or she is able to follow the media at all times, and no media is left unattended.

To combat parking restrictions we always staff at least three crew members in New York City. All hard drive shredding projects in New York are staffed with a driver and a minimum of two technicians. With this strategy the truck can remain in a standing zone nearby while the other two crew members audit and prepare the drives for destruction.

When the technicians are done processing and auditing the drives the truck is called in to collect the container and the drives are destroyed at the nearest possible location. This staffing practice accounts for a potential emergency or required break and allows for a crew member to always remain available to guard the media prior to its destruction.   

Everything, especially time, in New York is expensive. In order to reduce service costs our shredding trucks are also equipped to collect electronic waste and surplus computer equipment that is being liquidated.  In addition to the shredded media remains there is space to remove upwards of three hundred desktops at a single service.

We are able to reduce shipping and logistics costs for projects that require both on-site media destruction and IT asset disposal services by performing both services at the same time.      

ITAMG has been working in New York City with our own crews since 1999. If you are already a New York hard drive shredding client please reach out to your account manager and let us know how we are doing.      

 

Interested in Data Destruction Best Practices?  Download our quick guide to NIST 800-88 Guidelines for Media Sanitzation below.

5 Data Destruction Tips

more

Topics: data security, data destruction, hard drive shredding, data sanitization, Hard Drive Shredding NY

Networking Device Erasure and Data Destruction

Posted by Frank Milia

Sep 26, 2014 8:30:00 AM

Storage devices and electronic media are not the only devices that require erasure and data destruction service levels in order to eliminate risks of causing a breach from an equipment disposition. Networking devices, routers, and switches hold sensitive information that in the wrong hands can be used to find entry to or otherwise compromise a network’s security.

The good news is that the major manufacturers have built in acceptable erasure methods into various networking devices and the process is easy to navigate.

At IT Asset Management Group we utilize the best methods of clearing a device depending on the manufacturer’s instructions and tools available. If a device cannot be reset to factory default, configuration cleared, NVRAM erased, VLAN cleared or any other information fails to erase with 100% certainty the device is quarantined and then physically destroyed.

The exact method of erasing networking devices will be specific to the manufacturer and model of the hardware but the following is broad overview of the process.Networking_DevicesMethods for Networking Device Erasure 

  1. Switches - Clear all configuration files including startup and running configuration files. Erase the NVRAM file system and removal of all files. Reload the switch to factory default. Clear all VLAN information created on switch. Confirm device has been cleared.
  2. Routers - Reset password and device to factory default.   Using Register Configuration write erase and set device back to factory default. Confirm device has been cleared.  

A sample of the type of manufacturer provided instructions used by ITAMG can be found below.

Common Switch: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-2900-xl-series-switches/24328-156.html

Common Router: http://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-123-mainline/46509-factory-default.html

Networking Device Destruction

Any device that cannot be reset and confirmed to no longer contain any user created configurations or data should be physically dismantled, shredded, and recycled for commodity material in accordance with all local, state, and federal laws. ITAMG’s data destruction services are developed in accordance with the DoD 5220.22-M standards and NIST 800-88 Guidelines for Media Sanitization.

Looking for more information on running a secure data destruction program? 

Download 5 Data Destruction Tips

more

Topics: data security, data destruction, data breach, education & tips, data sanitization

The End of Windows XP Support: Refresh and Computer Disposal Planning

Posted by Frank Milia

Jan 2, 2014 2:15:00 PM

If your company’s end users rely on Windows XP you are probably aware that on April 8th, 2014 Microsoft support for XP will end. The reason for this decision is discussed in this post by Elephant Outlook “Microsoft to Windows XP User – Your Operating System is a Major Security Risk.” XP is more likely to fall prey to malware than more recent versions of Windows. Elephant Outlook breaks the statistics out “For the first half of 2013, Windows XP SP3 32-bit suffered a malware infection rate of 9.1 systems per 1,000 computers, which sounds modest until you read that the equivalent number of Windows 7 32-bit was 5.0 and for Windows 8 64-bit it was 1.4.”

On the Microsoft page dedicated to this issue, Microsoft is encouraging XP users to begin planning and testing immediately to ensure deployment prior to the end of support. Users that continue to use XP after the April 8th cutoff may expose themselves to compliance risks as well risk unsupported environments opening themselves up to security risks.

13404484_mBusinesses do have reasonable options to mitigate the expenses and risks associated with the end of XP support. Companies can upgrade capable XP machines to Windows 7 or 8.1. But due to hardware limitations it may be time for many companies to perform an upgrade. In order to gauge if a hardware upgrade is necessary an organization must consider the cost of new hardware, implementation, as well as various software licensing and potential compatibility issues.

The benefits of upgrading do not end at compliance and lowering security risks. For more answers regarding the why, what and how of the XP end of support, please visit the dedicated Microsoft page here.

Here at IT Asset Management Group we are encouraging our clients to upgrade and dispose of XP machines as soon as possible to maximize asset recovery returns on the equipment being replaced. It is likely that at the end of Q1 2014 the secondary markets will see drastic value declines. The end of XP and increase in worldwide refreshes will result in lower computer liquidation values or higher service costs for enterprise disposals.

 

Want to Receive The Most Value Back On Your Surplus Computer Equipment?  Download the ITAMG Inventory Template with IT Liquidation Tips Here

Tips & Inventory Template

more

Topics: data security, IT End of Life Strategy, Computer Liquidation

Intro to NIST 800-88: Data Destruction Best Practices

Posted by Frank Milia

Dec 5, 2013 8:24:00 PM

Attackers are targeting easier to access confidential information housed on company hard drives that are improperly disposed of.  One must have data destruction policies and procedures in place to ensure a data breach doesn’t occur. In the Guidelines for Media Sanitization (NIST Special Publication 800-88 Rev 1) best practices from the National Institute of Standards and Technology are clearly provided.

In this document three forms of compliant sanitization are defined: clear, purge, and destroy.

 

  • Clear: Overwriting storage space with non-sensitive data is one way to sanitize media. This method is not effective for media that is damaged or not rewriteable. The media type and size may also influence whether overwriting is a suitable sanitization method [SP 800-36].
  • Purge: Acceptable forms of purging include degaussing and executing the firmware Secure Erase command (for ATA drives only).  In degaussing a magnetic field is used to sanitize media. Degaussing is effective when working with damaged media, purging media with exceptionally large storage capacities, or for purging diskettes [SP 800-36].
  • Destroy:  Sanitization methods used to completely destroy media include Disintegration, Pulverization, Melting, and Incineration.  Destruction methods are typically outsourced to an organization capable of performing these tasks safely and effectively.  Pulverization is commonly referred to as Hard Drive Shredding in the IT asset disposal industry.  

 The NIST 800-88 document provides the below Media Sanitization Decision Matrix containing media-specific lists regarding the options of clear, purge, and destroy.  

Capture

 

Media that contains proprietary, confidential material, or is otherwise deemed to be a high risk must be given priority and the strictest controls and destruction methods should be employed.

 

Learn More And Download the 5 Most Important Tips from NIST 800-88

 

Download 5 Data Destruction Tips

 

ITAMG handles media sanitization in accordance with the National Institute of Standards & Technology (NIST) Special Publication Series 800-88. We can work with you to implement the most appropriate methods of disposal for your media and establish your secure and audit ready data destruction programs.

more

Topics: IT Asset Disposal, data security, data destruction, data sanitization, NIST 800-88

World’s Biggest Physical Data Breaches: Visualized

Posted by Steve Bossert

Sep 18, 2013 4:43:30 PM

Ever hear of this thing called “big data”?  It is hard to visualize reams of information and how to make them useful, especially when it comes to understanding all the different kinds of data breaches and industries most effected. Creative engineers and information designers are helping the masses better make use of all this information available to us today.

There is an excellent project that the inventor of one of our favorite internet and mobile games has been working on that helps highlight this growing problem by illustrating just how much is at risk regarding data breaches.

What does this all mean?

Ever wonder how many recorded data breaches have taken place in the financial sector in the last five years?  Or, how about the number of records over 30,000  that have been compromised due to the theft of stolen media or a stolen computer?

zzzzzz

ITAMG helps our clients protect themselves from physical data breaches that often happen when desktops, laptops, servers and even printers are retired from active use. The healthcare, academic and financial industries make up a large part of our business.

Quick Analysis

  • Academic & financial institutions seems to have tightened their security since the mid 2000 – or become less attractive targets
  • Gaming sites, cumulatively, account for the biggest data breaches
  • Healthcare is truly truly leaky – a very worrying trend – with over 50% of the breaches coming from stolen or lost computers
  • Accidental publishing seems to be a growing trend – recently with Facebook granting inadvertent access to 6 million records

David’s work can be explored here and the full range of ITAMG services offered that can help your organization not show up in the dataviz can be read about on the ITAMG website, our LinkedIN page or even our exclusive BBM Channel (C000D71D4).

more

Topics: IT Asset Disposal, data security, IT End of Life Strategy, data destruction

   

ITAD Guidance

Stay informed on important IT asset management topics.

Our posts focus on IT management, data security, and computer hardware from the unique perspective of IT asset disposal experts.

Subscribe and you will stay on top of:

  • IT procurement trends and analysis
  • Data security methods and best practices
  • Compliance tools and updates

Subscribe to Email Updates

Responsible Recycling logo

Recent Posts

Visit our Main Site at: www.itamg.com