Data Sanitization and secure disposal of data.
Ensuring the data security and safety of your business or company should always be paramount. Data erasure and data wiping must be done and be implemented whenever possible.
Did you know that if you delete data by simply sending those unwanted files on your computer’s recycle bin does not really delete the files immediately and it still leaves a tiny amount of traces and fragments on your physical computer drive whether your storage media is an SSD or HDD for that matter.
We all are adjusting to the new standards set forth in R2V3. As we move through the process of identifying what changes are occurring and how we react to those changes, we need to consider all of the vendors we interact with.
Due to the complex network of upstream and downstream vendors in our processes, it is likely that everyone vendor involved is R2 certified.
Now that the new standard exists, anyone certified to R2 2013 is considered a non R2V3 vendor. From this comes a host of changes to your operation. While we are waiting for the world to catch up with the changes to the industry, it is important to have a plan for your firm.
One of the areas that is most critical in the downstream vendor path is data sanitization. According to Appendix A (Downstream Recycling Chain), any downstream vendor who is non R2 certified, will be required to undergo annual internal audits by a third party.
It is important to note that non R2 certified refers to any downstream vendor that has not been certified, or any vendor that is currently operating under R2 2013.
Verifying your vendors is an important part of the due diligence process. At Glacier Consulting Services we have a great team of professionals that are certified in Data Sanitization through SERI as well as NAID certified to handle any of the nuanced needs of your business.
Please contact us as you come aware of any need for auditing and verification of your vendors.