Navigating the distinctions between DoD and NIST Standards in data sanitization methods can lead to non-compliance and potential data breaches. Our complimentary guide enhances secure practices for data disposition and reinforces privacy protection.
<Feb 12, 2024> South Hackensack, NJ – Guardian Data Destruction, the nation’s largest onsite e-data destruction provider, has developed a concise, practical guide to applying the NIST 800-88 Rev1 standard for data sanitization.
Brendan O’Byrne, Director of Enterprise Services for Guardian, explains the genesis and purpose of the guide. “Although Department of Defense (DoD) 5220.22 was replaced ten years ago with the NIST 800-88 Rev 1 standard there’s still a lot of confusion about specifying electronic data destruction – especially when wiping drives. We regularly get requests for 1, 3 or 7 passes which refers to the twenty-five-year-old and obsolete DoD standard. A wiping request that specifies “passes” is a red hot indicator for data compliance education to meet legal requirements to protect data privacy and security. Disregarding or ignorance of proper eMedia data destruction methods can result in an unrecoverable data breach or a legal conviction that torpedoes a brand and customer trust. The Guide is a simple, clear and easy-to-use reference for determining proper NIST 800-88 Purge or Clear sanitization standards for erasing HDDs and SSDs. (And the Destroy standard for degaussing and shredding.)”
The downloadable “Using the NIST 800-88 Rev1 Standard for Data Destruction–A Reference Guide” includes three definitive sections:
1. Definitions, methods, pros and cons and electronic media for each NIST 800-88 Rev 1 category: Clear (overwrite), Purge (overwrite, block erase, and cryptographic erase) and Destroy (physical destruction)
2. A checklist to develop an understanding of a business or department’s data security and sanitization needs
3. A sample data destruction methodology decision tree for high, medium and low security risk data
Businesses of any size or industry rely on third-party data destruction services as their “last line of defense” for end-of-life IT equipment. The services ensure that private and confidential data is removed from computers, data center array storage, cloud storage, tablets, etc. before IT asset lease return, redeployment or ITAD remarketing. Meeting Federal, industry and company compliance regulations and requirements depends upon following the NIST 800-88 Rev 1 Standard. “Our position is clear,” states Dale Hurteau, Client Success Manager, “our VAR, ITAD, MSP and IT Reseller partners rely on us to keep them informed so that they can protect their client’s best interests. That’s why this Reference Guide is essential. If any stakeholder, department or company is struggling with their EOL privacy and security electronic data destruction process, this concise, clear guide will be a huge help. It’s free and can only assist any stakeholder in understanding and ensuring that privacy and confidentiality are upheld without risk of a data breach.”
Intended for download and distribution by ITADs, VARs, MSPs and IT resellers, the guide is intended for any company that is interested in learning
- How to set themselves up for success with the best implementation of the NIST 800-88 Standard for data sanitization.
- The benefits of a decision flowchart that defines the data destruction for IT devices based on risk and disposition.
- How to create a data destruction program that balances the benefits and disadvantages of data wiping and data shredding without compromising security or requirements.
The exclusive Guardian Data Destruction “Using the NIST 800-88 Rev1 Standard for Data Destruction–A Reference Guide” is free and downloadable at guardiandatadestruction.com/nist-guide/. More information about Guardian’s data destruction services is available at www.guardiandatadestruction.com
About Guardian Data Destruction
Established in 2006, Guardian Data Destruction has become the foremost leader in onsite eMedia Data Destruction across North America. Specializing in comprehensive solutions, we offer onsite services for data destruction, enterprise and data center relocations and decommissioning, secure IT packing and logistics, as well as customized solutions for end-of-life IT assets.
With our headquarters in the New York metro area and 23 service hubs spanning the United States, Guardian serves the Fortune 500 customer base of IT Asset Disposition (ITAD) providers, Value-Added Resellers (VARs), Managed Service Providers (MSPs) and IT resellers. Our commitment to delivering exceptional third-party verification and serving as a single-source provider sets us apart.
The bonded Guardian eTeam brings extensive expertise in logistics, chain of custody, auditing, verification, reporting, Environmental, Social, and Governance (ESG) standards, data center protocols and various forms of asset data destruction. Guardian proudly holds NAID AAA certification, ensuring 100% secure, compliant, and absolute data destruction through NSA-compliant (DoD) processes, utilizing NSA-certified equipment. Learn more about us at www.GuardianDatadestruction.com