Since early 2005, Data Killers has been in the business of securely destroying all types of media including classified materials. Our corporate customers regularly ask us about the industry standards and norms for hard drive destruction since the updated NIST 800-88 guidelines are vague. We have compiled the following set of recommendations and best practices in conjunction with a privacy and security attorney who is also a CISSP and CIPP.

Hard Drive Destruction Methods & Corporate Recommendations

Hard drive crushing

Only recommended for small companies (1-20 employees) with no sensitive information on their hard drives. Sensitive information includes credit cards or social security numbers. Price is the most important factor for these companies. Small service companies that store their customers' intimate data like accounting firms, law firms & medical offices should not use this option.

Hard drives shredded to strips

Possibly recommended for small companies with sensitive information on their hard drives. Sensitive information includes credit cards or social security numbers. Price is an important factor for these companies but they also realize the potential liability that could occur if data is released. Small service companies that store their customers' intimate data like accounting firms, law firms & medical offices should not use this option as data is recoverable from hard drives which are only shredded into strips.

Hard drives shredded to 30mm pieces (pieces about the size of a quarter)

Highly recommended for any company with sensitive information on their hard drives. Sensitive information includes any type of personal or financial information including customer information and corporate transactions and records. These companies realize the huge potential liability that could occur if data is released which can easily happen if the hard drive is only shredded into strips. In addition to the potential civil and criminal liabilities, these companies understand that their corporate brand is worth protecting. This is appropriate for most companies.

Hard drives shredded to 10mm pieces (pieces about the size of a dime)

Only recommended for large and mid-sized companies with extremely sensitive and confidential information on their hard drives. These are typically banks or defense contractors who absolutely understand the consequences of a data breach. These companies realize the huge potential liability that could occur if data is released. In addition to the potential civil and criminal liabilities, these companies understand that the information on their hard drives is one of the most important assets of their company. They have no tolerance for any type of data leak.

Data Killers offers on-site hard drive shredding services nationwide with the ability to cut to 10mm and 30mm sizes. Data Killers is the data and product destruction arm of Turtle Wings, Inc. an environmental services company specializing in electronics recycling. Turtle Wings is an ISO certified, woman-owned, HUBzoned company holding multiple GSA contracts.