12/04/18
Brice Bunner
Data Security

Your SSD data has an NAID data-erasure standard. Here’s why that matters

    

Image ©: Quantum Recycling SolutionsThe interesting thing about technological progress is that there are so many systems and processes that need to keep up with the break-neck pace of improvement. Take Solid-State-Device improvements for example: the technology has been around for years, but it’s only been recently that the National Association for Information Destruction (NAID) has been able to comprehensively grapple with it. As it turns out, safely removing data from the technology is not exactly straightforward.

Catching the wind that is SSD memory

Solid State Drive (SSD) technology exists in so many different forms—and across so many types of devices—that your company might be using SSD memory without you even knowing it. This can pose a problem when it comes to handling sensitive data upon the dispositioning or even just the management of your IT assets.

Memory data, especially the data that lends itself to security breaches, should have a very specific—as well as water-tight—security protocol surrounding it as it moves within your company, and definitely when it leaves your company. For this reason, e-Stewards has adopted NAID as its DS standard and all e-Stewards certified recyclers will soon be required to be NAID certified.

The power of certification

The value that this NAID standard has is that auditors will be able to use it to consistently confirm effective SSD erasure. Right now, SSD erasure is hit-or-miss because of the variety of ways it lives in your devices that we mentioned earlier. By standardizing this process, ITAD companies and IT recyclers can ensure your sensitive data is truly destroyed.

It is with certifications like these that Sage can do as much as we do for the environment. Otherwise, the only way to ensure 100% data destruction would be to shred the hard drives, a practice to which we emphatically stand against.

Our official position is that SSD/HDD erasure is really just a single, albeit important, step in a process that includes a number of other key dependencies. Most important are the chain-of-custody documentation and the effective documentation of data destruction. These, along with the SSD/HDD erasure gives even those most security-conscious of our customers peace of mind—while still maintaining a sustainable (and often profitable) outlook.

In fact, Sage considers a lot more than simple erasure in terms of data security for off-network data. It’s the full chain of custody security that we include in our handling of IT assets. While SSD (or really any form of memory data) gets the most media attention, it’s actually one of the least vulnerable security elements in the chain. Data can be erased at any point in the process, but a faulty chain of custody, or bad documentation cannot be fixed.

The moral of this tale is: whether your data is in Solid State or Hard Drive format, be sure the data you are dispositioning is handled in the best way—all the way—through the process. That includes having legal-hold and quarantine as a stop before its destruction. Skipping that step can cause more headaches than good. Which is why it is wise to use an ITAD partner like Sage, or an e-Steward recycler, since we employ a thorough process that you can rely on.

Leave a Comment

Get your Dosage in your inbox as often as you'd like.

Subscribe