wp_dodrelevancy

DoD 5220.22-M Relevancy & the Evolution of Wipe Standards

Aug 17, 2020

Changes in technology and data storage devices have forced the DoD 5220.22-M erasure standard to be re-evaluated. The following document discusses the DoD 5220.22-M deletion standard, its efficacy today and discover what organizations are using for their proven wipe method.

wp-checklistdatasecure

Checklist - Keeping Data Secure

Jul 01, 2020

Protecting your proprietary data and sensitive financial or customer data is an ever changing challenge for businesses. Protecting that information from network setup and acquisition to secure data destruction requires planning and vigilant attention to data security.

wp-protect-data-lifecycle

Protect Corporate Data Through Lifecycle

Apr 15, 2020

By allowing these protected data types to be improperly accessed or stolen, a corporation might be legally liable for having “breached their duty of care” to protect corporate data and destroy it properly. This makes prevention through network security and strict data management protocols an important part of your corporate strategy.

wp_whycertimport

Common Criteria EAL 2+: Why is Certification Important

Mar 04, 2020

There is a significant difference between software claiming to comply with standards and the software tools receiving certifying compliance. We don’t believe our customers should have to verify that WipeDrive does what we claim, so we are have received Common Criteria certification at EAL2+.

wp_7securitygaps

7 Security Gaps You May Have Missed

Jan 17, 2020

Disposal of drives and other data-bearing hardware is a necessary but often neglected part of every organization’s IT lifecycle. However, many companies skim over this process and leave potential gaps that can be exploited. Fortunately, these gaps are easy to fix with a little awareness and the right tools. This whitepaper explores seven commonly missed security gaps when retiring their drives and resolutions.

wp_softwaredist

Software Distribution Methods 101: WipeDrive

Nov 07, 2019

When it comes to software distribution methods, you have a wide array of options you can utilize, from CDs, DVDs, and Blu-ray discs to USB drives, the Cloud, and a PXE network. There are key differences with each method that will determine how much interaction is required by the IT technician or person responsible for installing the software application onto the device.

wp_physicaldestruction

Physical Destruction of Data

Oct 29, 2019

The hardware assets leaving your organization can be a security risk – even after they’re discarded. Cyber criminals have gone to great lengths to access storage media, even going through landfills. Physical destruction remedies this possibility by reducing hard drives and other stargate devices to shreds. However, with 3.4 million tons of e-waste going into landfills every year (according to the U.S. Environmental Protection Agency in 2014), the chance your sensitive data is at risk, is higher than you may think.

wp_datapersistence

The Issue of Data Persistence on Phones and Computers

Sep 03, 2019

Devices connected to your corporate network may contain data believed to have been deleted. Exposure of sensitive company data can put your security at risk. It can jeopardize the reputation of your business and risk violations of industry and federal regulations. These are just a few reasons to use hard drive wipe software to address data persistence and data remanence.

wp_whycertification

Learn Why Certification Is Important

Sep 03, 2019

There is a significant difference between software claiming to be "in compliance" with standards and software that is "certified" by recognized security organizations. Learn why certification is important and why relying only on compliance is dangerous.

wp_onthecloud

Data Storage on the Cloud

May 24, 2019

With all the advantages to the cloud, there are many disadvantages and dangers when entrusting data to another company. Data leakage, DDOS attacks, and snooping are far greater risks on the cloud as opposed to physical storage.

wp_pcidss

WipeDrive is Fundamental in Helping Organizations Meet PCI DSS Requirements

Apr 26, 2019

New data breach strategies and attacks have made it imperative that standards be put in place to protect credit card data. The Payment Card Industry Data Security Standard (PCI DSS) is an ongoing regulation started in 2006 to ensure that all companies that accept, process, store or transmit credit card information do so in a secure environment.

wp_encryptionenough

Is Encryption Enough when Retiring Hard Drives?

Mar 29, 2019

Encrypting hard drives adds an effective new level of data protection and security for organizations. However, there is a disturbing trend of relying upon encryption as a form of data sanitization. While encrypted data may seem inaccessible it should never be considered 'sanitized' since all of the data remains and various risk factors threaten this approach.

wp_gdpr

GDPR Changes And IT Asset Retirement

Feb 22, 2019

The worlds strictest data protection regulations have recently gone in to effect. General Data Protection Regulation's newest updates aim to protect all EU citizens from privacy and data breaches. Every organization that collects and/or processes data from people in the EU is subject to GDPR and needs to comply.

wp_5holes

5 Security Holes You May Have Missed

Jan 25, 2019

The hard drive retirement process is one of the most neglected security threats most companies face today. Data contained in old or retired hard drives can put your organization at equal risk to other attack vectors. Take the opportunity to see how your organization may be at risk and how to address any security holes you may have in regards to your hard drive retirement process.

wp_cryptoerase

Crypto Erase and Data Erasure

Dec 28, 2018

Disk encryption is a useful way to secure data, but there are problems with relying on encryption alone to protect data after drive disposal. Using drive wiping in conjunction with cryptographic key erasure solves these problems.

wp_multipass

Are Multiple Wipe Passes Necessary for Secure Data Erasure?

Nov 30, 2018

While WipeDrive software allows you to do any number of passes using any wipe pattern, there is no compelling evidence to suggest that any more than one pass is necessary to ensure complete data erasure. This report briefly explains why organizations use multiple passes and why we don't currently see them as being necessary.

wp_hpadco

Does Your Data Sanitization Software Address The DCO Correctly?

Oct 26, 2018

A DCO lock prevents DCO setting modification. Since a locked DCO is not accessible to the user, it can potentially pose a threat to data security, if data has been stored on the DCO.

wp_nesa

WipeDrive Compliance: NESA in the United Arab Emirates

Sep 28, 2018

The United Arab Emirates requires all agencies meet National Electronic Security Authority (NESA) compliance regulations. These regulations are meant to limit the exposure of data loss and data breaches by government agencies. This report reviews the NESA requirements and what UAE agencies can do to meet them.

wp_cceal2plus

WipeDrive Enterprise: Common Criteria EAL2+ Certification

Aug 24, 2018

The Common Criteria for Information Technology Security Evaluation is an international standard for computer security certification managed by 30 member countries. WipeDrive Enterprise obtained EAL 2+ certification on a data erasure security target and received evaluation by a Common Criteria certified lab. This rigorous certification is the most comprehensive certification currently available.

wp_uknhsguidelines

Data Sanitisation Guidelines For N3 Connected Networks

Jul 27, 2018

The National Health Service in the UK recently made major changes to their data sanitisation guidelines. These guidelines were published in the Destruction and Disposal of Sensitive Data: Good Practice Guidelines and in the Sanitisation, Reuse, Disposal and Destruction of Electronic Media: Guidance For Health and Care Organisations policy updates. The updated guidelines provide recommendations for the secure erasure of patient data on many different types of media.

wp_patent9665743

WhiteCanyon Patent 9665743

Jun 29, 2018

WhiteCanyon Software selectively pursues intellectual property protection on methods and developments in the data erasure industry. This patent protects the process of wiping data on a computer that is reported lost or stolen. This patent reaffirms WhiteCanyon Software as the world leader in data erasure technology.

wp_patent9396359

WhiteCanyon Patent 9396359

May 25, 2018

WhiteCanyon Software selectively persues intellectual property protection on methods and developments in the data erasure industry. In practicing full disk erasure with encryption key destruction, we created the concept of a patent for the sanitization method on an encrypted disk drive.

wp_oemtools

OEM Tools: Data Wiping Issues and Weaknesses

Apr 27, 2018

Many SSD, NVMe and hard drive manufacturers provide OEM Tools for formatting, partitioning and secure erasure. Though many groups on the internet provide support for OEM Tools as an alternative to commercial data wipe solutions, this paper explains why OEM tools fail to be a practical replacement and addresses their major issues.

wp_lowlevelformat

Low Level Format & OEM Tool Issues

Mar 30, 2018

Data removal has been a requirement in organizations since data-bearing devices held confidential and proprietary data. Low Level Format (LLF) and OEM Tools may have once worked on data storage devices (some argue that these options were never fully successful) but technical advances have made these options obsolete.

Resources

Enterprise Products