Data Destruction Services
At Excess IT Hardware, our most important service is
All data bearing assets (Hard Drives, Network Switches, Phones, etc.) are erased, cleared, or destroyed before they leave our care, custody, and control. Any client identifiable information (asset tags, personal stickers, etc.) are removed from an item before it is certified.
EIH provides a certificate of Recycling and Data Security for each project received from our donors. The certificate verifies that all items are recycled in accordance with all State, Local and Federal Laws, as well as all data and personal information has been removed in accordance with NIST 800-88 and DOD 5220.22M.
All data destruction methods meet or exceed:
- NIST 800-88 standards
- DoD 5200.22-M data sanitization
- Sarbanes-Oxley Act,
- Gramm-Leach-Bliley Act
- FACTA Disposal Rule
- PCI Data Security Standard, and all other various local, state, and federal regulation
Our process is as follows:
- Upon removal from a client’s location, all assets are assigned a project/tracking number to ensure the hardware is tracked throughout its end of life process.
- Assets are received at an Excess IT Hardware facility for processing. All asset tags and other identifiable stickers or markers are removed from the item.
- For PCs, servers, laptops, and any other item that contain a removable hard drive, the hard drive is pulled before the computer is booted to ensure no data is exposed. All other data-bearing devices (tablets, cell phones, network gear, etc) follow a strict protocol to clear them of any data.
- Reusable hard drives are erased following the National Institute of Standards and Technology Guidelines for Media Sanitization (NIST 800-88) or DOD 5220.22M
- Non-reusable hard drives are immediately crushed and then shredded.
- All items processed by EIH receive a certificate of recycling and data security to validate the secure, EPA approved, recycling of the donated items.