Presentation is loading. Please wait.

Presentation is loading. Please wait.

THE WORLD’S PREMIER SOLUTION FOR SANITIZING HARD DRIVES PRIOR TO REPURPOSING OR DISPOSAL DIGITALSHREDDE R PRODUCT PRESENTATION PARTNER LOGO PARTNER CONTACT.

Similar presentations


Presentation on theme: "THE WORLD’S PREMIER SOLUTION FOR SANITIZING HARD DRIVES PRIOR TO REPURPOSING OR DISPOSAL DIGITALSHREDDE R PRODUCT PRESENTATION PARTNER LOGO PARTNER CONTACT."— Presentation transcript:

1 THE WORLD’S PREMIER SOLUTION FOR SANITIZING HARD DRIVES PRIOR TO REPURPOSING OR DISPOSAL DIGITALSHREDDE R PRODUCT PRESENTATION PARTNER LOGO PARTNER CONTACT INFORMATION

2 CURRENT STATE OF AFFAIRS Civil and criminal penalties Erosion of income and profits Lost confidence of client base Irreparable harm to reputation Failure to properly sanitize hard drives has catastrophic consequences:

3 5.6 Billion Hard Drive Production from Million Hard Drives Reach end of life in – 3 Refreshes Can occur during a hard drives lifecycle One gigabyte of data on a hard drive = Approximately one dump truck of compacted paper Well Publicized Laws HIPAA, FACTA, SOX, FISMA Gramm-Leach-Bliley Consequences of a Breach Fines, Loss of License & Loss of Reputation 69% of Data Breach Costs Are the result of lost customer business 44% OF ALL DATA BREACHES RESULT FROM LOST OR STOLEN HARD DRIVES & LAPTOPS CURRENT STATE OF AFFAIRS

4 COST OF DATA BREACH Incident Response Source: Ponemon Institute  free or discounted services  free credit checks for five years  lost business  notifications via , letters, web, media, etc.  legal defense  criminal investigations  legal audit and accounting fees  call center expenses  public relations/communication  internal investigations  security consultants  Average cost per record compromised in 2007: $202  Average cost per record compromised in 2007 by Third Party: $238 INCIDENT RESPONSE ELEMENTS

5 THE HARD DRIVE EPIDEMIC Mercury & PCB in electronic circuits Rare earth magnets – platters are aluminum coated in iron oxide and other chemicals Materials become toxic when incinerated in landfills

6 Proper sanitization of digital data is much more than a Best Practice Solution, IT’S THE LAW.

7 Gramm-Leach- Bliley Sarbanes-OxleyFACTAHIPAAFISMAFERPARCRA Financial Services Modernization Act Public Company Accounting Reform & Investor Protection Act Fair and Accurate Credit Transaction Act Health Insurance Portability & Accountability Act Federal Information Security Management Act Family Educational Rights and Privacy Act Resource Conservation and Recovery Act Directors and Officers Penalty Per Violation $10,000Up to $1,000,000Termination Institution Penalty Per Violation $100,000Up to $5,000,000$11,000 $50,000 to $250,000 Agency Budget Reduction Loss of Federal Funding Up to $27,500 Per Day Per Violation Years in Prison5 to 12 YearsUp to 20 Years1 to 10 Years FDIC InsuranceTerminated Impact on Operations Cease and Desist Congressional Review Loss of License Individual Civil Fines $1,000,000Civil Action$25,000Up to $200,000 Institution Civil Fines 1% of Assets Varies Per Record USA REGULATORY PENALTY MATRIX

8 SANITIZING DRIVES: MORE THAN JUST END OF LIFE  Storage transfers to a new user  Storage transfers to a new server  Maintenance  Return at end of lease BACK OFFICE COMPUTING:  Tech refresh or return at end of lease  Upgrading to a new computer or higher capacity drive  Completion of a new project  Cleaning a workstation for a new user  Departure of an employee from an organization  Returning a hard drive under warranty  Returning a computer under warranty  Protection from unauthorized access  A virus that is detected  Attack from a hacker  Employee turnover INDIVIDUAL USER NOTEBOOKS AND WORKSTATIONS:

9 EVOLUTION OF A SOLUTION In the late 1990’s, the international hard drive manufacturing community called a global summit to discuss the rapidly growing challenge of properly sanitizing hard drives.

10 ATTENDEES: CHALLENGE: Develop a means of sanitizing hard drives beyond forensic reconstruction while retaining the ability to reuse the hard drive. OUTCOME: The Hard Drive Industry collaborated with The Center for Magnetic Recording Research, under the direction of the US National Security Agency (NSA), to meet the challenge. They developed a sanitization standard called: SECURE ERASE SOLUTION IS CONCEIVED: SECURE ERASE

11 SECURE ERASE  It is now part of the ATA Rev 4 Spec for all hard drives.  A destruction command that is embedded in the firmware of ATA hard drives including IDE, EIDA, PATA and SATA.  An atomic process - eradicates all user data beyond forensic reconstruction.  Up to 18 times faster than ineffective overwrite routines.  Compliant, certified standards based technology.  Implemented by global hard drive manufacturers in  Validated and certified by the International Security Community. BIOS and Operating System developers blocked the ability to initiate Secure Erase.

12 In the absence of an enterprise level Secure Erase solution, billions were spent on products, processes and outsourced solutions that were not effective, scalable or failsafe.

13 METHODS THAT FALL SHORT Let’s compare these methods to the CRITICAL REQUIREMENTS most often requested by IT Professionals. Third Party Providers Commercial Software Degaussing Machines Mechanical Destruction

14 1.Destroy data beyond forensic reconstruction. 2.Provide a single-point lifecycle solution that handles all drives 3.Offer control of the process. 4.Deploy a scalable process providing corporate-wide compliance. 5.Give user the ability to verify erasure– “trust but verify.” 6.Imbed an automated certification process that completes an audit process. 7.Provide a green solution that allows reformatting and repurposing of hard drives for reuse or the ability to recycle the drive intact. MARKET FEEDBACK Design input from IT Professionals and auditing firms during development

15 COMMERCIAL SOFTWARE DESCRIPTION:  Replaces existing data with a set of random or repeating data LIMITATIONS:  Does not delete data beyond forensic reconstruction  Lack of automated data logging, audit trails or certification labels  Single drive can take more than 24 hours  Ties up workstations for hours  Vulnerable to user manipulation

16 DEGAUSSING MACHINES  Disables hard drive by applying a strong magnetic field  Not a lifecycle management tool – end of life only  Unable to reuse drive, not a green solution  Not “office friendly”  Dangerous high level magnetic fields require special precautions  Destroys read/write head – can not confirm data is deleted  Lack of audit trail or certification labels  Requires constant re- calibrations to ensure proper functionality DESCRIPTION:LIMITATIONS:  UNSAFE, INCONSISTENT, NOT CERTIFIABLE

17 MECHANICAL DESTRUCTION  Reduces hard drive into scrap metal or physically disables the media  Includes hammers, nail guns, belt sanders, and mechanical shredders  Not a lifecycle management tool – end of life only  Heavy, bulky and noisy equipment, not “office friendly”  Lack of automated data logging or audit trail  Unable to reuse the drive, Not a green solution, toxic hazards at shredding site and landfill  Encourages stockpiling of drives, a security risk  Not a scalable solution DESCRIPTION: LIMITATIONS:

18 THIRD PARTY PROVIDERS  Third Party employs any of the previous methods  The service may be performed on-site, or require that the hard drives be transported to the service provider’s facility  Not a lifecycle management tool – end of life only  Loss of care, custody, and control  Storage problems exist between visits  Risk of loss during transit  High service and transportation costs  Retention of liability - a handoff does not absolve liability  Deploys any of the prior methods DESCRIPTION:LIMITATIONS:

19 Carrying Handle 3 Drive BaysPersonality Blocks Printer 1 LED Indicators Touch Screen 23 Height - 12” Width - 8.5” Length - 13” Weight – 15lbs SOLUTION IS BORN: THE DIGITALSHREDDER GREEN SOLUTION – ALLOWS REUSE OF HARD DRIVE AFTER CLEANSING!

20 USER FRIENDLY: NO KEYBOARD OR MOUSE INTEGRATED SCREEN eliminates the need for keyboard and mouse, facilitates portability Main MenuHistory Administrative LoginDrive Operations Sector Viewer SECURED ACCESS: Password Protected

21 USER FRIENDLY: NO CABLES – NO CLUTTER  Quick and easy secure connections to various drive formats:  Current Support:  All ATA drives including IDE, EIDE, PATA and SATA - 2.5” and 3.5” (desktop & laptop drives)  Upcoming Support:  SCSI, Fiber Channel, SAS, Major Flash Media  3 Bays: multiple drives sanitized simultaneously and independently  Lock down enhances security INSERTLOCK DOWN SANITIZE

22 OFF GREEN RED ORANGE Vacant bay, available for use Drive is loaded and ready, but no operation is taking place, blinks green when process is completed Process is being executed, bay is mechanically locked and password protected Reformatting / imaging LED INDICATORDRIVE STATUS USER FRIENDLY: LED INDICATORS

23 BEST PRACTICES: AUTOMATED AUDIT TRAIL PHYSICAL LABELDIGITAL LOG  Completion of an erasure process results in the printed bar code label which includes the log entry information for the hard drive  Labels can be easily scanned for error-free, automated equipment tracking  All Digital Shredder activity is stored in the internal log file  Log file can be exported in CSV format using the USB port Automated log tracks the following:  Operator’s name  Date and time  Hard drive serial number  Elapsed time  Erasure process

24 Comparison of Data Destruction Methods Critical Requirements Digital Shredder Commercial Software Degaussing Machines Mechanical Destruction Third Party Provide a single-point solution that can be used during the entire hard drive lifecycle YESYesNo Eliminate data beyond forensic reconstruction YESNoUncertain Maintain care, custody, & control throughout the process YESNo Provide an automated certification process that completes a Best Practice audit trail YESUncertainNo Deploy a scalable process providing corporate-wide compliance YESNo Yes Verify drive sanitization by sector – “trust but verify” YESUncertainNo Provide a green solution that allows reformatting and repurposing of hard drives YESYesNo Uncertai n A CLEAR COMPETITIVE ADVANTAGE

25 USA GOVERNMENT COMPLIANCE The Digital Shredder Secure Erase appliance meets and/or supports the following Department of Defense or Civilian Government guidelines concerning Information Security Practices:  NSA Information Assurance Advisory – NO. IAA in Guidance to Designated Approving/Accrediting Authorities (DAA’s) regarding the Use of Software Clearing for Downgrading of Hard Disks  US Deputy Secretary of Defense Memo dated May 29, 2001; Disposition of Unclassified DoD Computer Hard Drives, by Paul Wolfowitz  US National Computer Security Center (NCSC-TG-018); Rainbow Series "Light Blue Book" A Guide to Understanding Object Reuse in Trusted Systems  US National Computer Security Center (NCSC-TG-025); Rainbow Series "Forest Green Book" A Guide to Understanding Data Remanence in Automated Information Systems  US National Institute of Standards and Technology (NIST) SP Guidelines for Media Sanitization  National Institute of Standards and Technology (NIST) SP Generally Accepted Principles and Practices for Securing Information Technology Systems  US Air Force System Security Instructions 5020  US Army AR380-19, AR25-1, AR25-2  US Navy Staff Office Publication (NAVSO P )  US Navy OPNAVINST A

26 EDT’s VALIDATION PHASE: GOVERNMENT

27  Healthcare  Education  Legal  Financial  Service Providers COMMERCIAL CUSTOMERS

28 Australian Department of Defence (Australian Communication s – Electronic Security Instruction ACSI33) Royal Canadian Mounted Police Lead Agency Publication B2-001 UK-HMG Infosec Standard 5 {IS5} & CESG Information Assurance Manuel S United States National Institute for Standards & Technology Special Publication CLEAR PURGE DESTRUCTIO N Commercial Software Level of security: protection against keyboard attack Disintegration, Incineration, Pulverizing, or Melting Level of security: protection against laboratory attack Secure Erase, Degaussers Level of security: protection against laboratory attack Secure Erase is a high level of protection because you can validate the data is gone beyond forensic reconstruction & reuse the hard drive GOVERNMENT COMPLIANCE

29 DIGITALSHREDDE R The World’s Premier Solution for Sanitizing Hard Drives Prior to Repurposing or Disposal.


Download ppt "THE WORLD’S PREMIER SOLUTION FOR SANITIZING HARD DRIVES PRIOR TO REPURPOSING OR DISPOSAL DIGITALSHREDDE R PRODUCT PRESENTATION PARTNER LOGO PARTNER CONTACT."

Similar presentations


Ads by Google