Shredding Through Time

July 28, 2020 at 10:00 am by Flora Knolton

Paper shredding can first be credited to Abbot Augustus Low of New York, who filed a patent for an improved wastepaper receptacle in 1909, sparking the first idea for a paper shredder. Low’s invention was intended for use in banks and counting houses, but unfortunately was never manufactured.

The first known mechanical paper shredder actually was created in Germany in 1935. A man, Adolf Ehinger, was inspired by a hand-crank pasta maker to create a machine to shred sensitive material after being questioned about anti-Nazi literature in his garbage. The machine was cranked inside of a wooden frame that was large enough to handle one sheet of paper. Later in the 1940s, he added a motor to power the shredder and sold the shredders to a host of government entities.

During the Cold War, Ehinger’s shredder increased in popularity. In 1959, his company, EBA Maschinenfabrik, created the first cross-cut shredder that cut paper into tiny bits for an increased security level. To this day, EBA Maschinenfabrik continues to design and produce shredders under the name of Krug & Priester, who purchased the business in 1998.

Since Ehinger’s invention, shredders have played a role in many important times in history. Before the 1980s, shredders were nearly exclusively used by the government, military, and banking industry. But in 1987, the U.S. Supreme Court ruled that your garbage, once brought to the curb outside, is considered public property. Come the 1990s, statistics proved how corporate and personal identity theft had skyrocketed. Most of the public wasn’t even aware of the existence of paper shredders until they began to surface in connection with scandals such as Watergate in the 1970s, Iran-Contra in the 1980s, and Enron in 2002. The increase in identity theft and scandals caused concern, which led to businesses and individuals burning their paper waste. Because burning is so detrimental to the environment, this increase led to laws prohibiting the incineration of trash, which had the effect of businesses and regular citizens turning to paper shredders for secure document disposal. Despite the negative stories and unfair reputation from the media about how they are used to cover the tracks of the guilty, Ehinger’s purpose was to protect the innocent. Throughout the 20th century, paper shredders have become more secure by using cross-cut methodology and creating smaller shreds.

Privacy laws such as the Health Insurance Portability & Accountability Act (HIPAA), the Fair and Accurate Credit Transactions Act (FACTA), and the Family Educational Rights and Privacy Act (FERPA), to name a few, render organizations responsible for protecting customer/consumer information. It’s important for businesses to legally comply with these regulations, and it is also a best practice for businesses to routinely destroy data that has outlived retention periods. Shredding paper opens up many environmentally-friendly disposal alternatives that are better than tossing it all in the dumpster.

In 1968, in what is now known as “The Pueblo Incident”, Navy intelligence vessel USS Pueblo was captured by North Korean patrol boats. According to U.S. reports, the Americans tried their best to destroy all the classified information aboard the ship. Unfortunately, with the volume of material on board it was impossible to destroy it all prior to capture. Korean War Veteran and founder of SEM Leonard Rosen was struck with the idea that there has to be a better way to destroy classified information. Within weeks of hearing this news, he had developed the concept for the world’s first paper disintegrator and the SEM legacy of destruction devices had begun. It’s fascinating that Ehinger and Rosen were both motivated by protecting their countries’ intelligence for the greater good of humanity at the time to produce such ideas.

SEM may have coined the term “disintegrator”, but every device from SEM is always quality. SEM’s high security paper shredders are NSA/CSS listed and reduce waste to particles no larger than 1mm x 5mm. All SEM NSA listed paper shredders meet the requirements of the new CUI security regulation that requires CUI documents to be shredded and meet  . The Model 344 paper shredder produces particles of 0.8mm x 2.5mm, which is half the size of the current NSA requirements, for those looking for the highest security. Many of SEM’s paper shredders are factory installed with an automatic oiler, but for those looking to reduce their carbon footprint, the Model 1201CC paper shredder may be what’s necessary. The Model 1201CC was the first high security paper shredder tested oil-free by the NSA and listed on the NSA EPL for classified document destruction. Oil-free shredders save money on oil refills and are perfect for the eco-conscious consumer.

Buying a paper shredder is an insurance policy that helps protect sensitive information. Our trash is not “our” trash once it’s outside, and it’s vital to be conscientious about what is being thrown away. Paper shredders have been around for over 100 years now and will continue to be necessary even as more offices vow to go paperless. Paper will still be around, and SEM has all the Classified and Unclassified paper shredders to meet your media destruction needs.

The Shifting Sands of Data End-Of-Life Destruction

October 7, 2019 at 1:09 pm by Paul Falcone

Ever-increasing data volume is driving change in technology and associated compliance regulations

In this age of Big Data, consumers and organizations alike demand the ability to harvest, create, store, and analyze more data without compromising operation speed. The need for increased storage capacity hard drives and optimal transference of data often eclipses what is currently available on the market. However, things will change soon with the planned introduction of innovative data-writing technologies that will serve to “cram” more data on a disk (i.e., write more data on less surface), thereby increasing data density to yield larger-capacity hard drives.

At the same time, mandated compliance regulations concerning data security are constantly evolving to keep pace with the ever-changing landscape of more complex technology and heightened criminal sophistication. The National Security Administration (NSA), Central Security Service (CSS), National Institute of Standards and Technology (NIST), and Information Security Oversight Office (ISOO) work to keep federal standards of data storage and destruction ahead of cybercriminals, who continue to discover new ways of breaching data security walls. Likewise, numerous regulations are also in place for commercial organizations.

Organizations working with data pertaining to classified information, controlled unclassified information (CUI), information for official use only (FOUO), sensitive but unclassified information (SBU), personal health information (PHI), or personally identifiable information (PII) must be vigilant about following trends in data technology, data-security regulations, data crime, and data end-of-life destruction; otherwise, they risk exposure to a data breach.

Recent trends of note

Manufacturers of data storage technology are always trying to accommodate consumer demand, while simultaneously serving the high security needs of organizations and government agencies. Recently, consumer products such as video cameras and camcorders have become significantly more sophisticated, providing users with a more powerful and engaging experience—and storing more data than ever.

For example, a mere ten years ago it was rare to have the average consumer fill even a one-terabyte hard drive. Today, consumers are “chomping at the bit” for more and more memory-storage capacity within their machines, so they can rid themselves of external hard drives, thumb drives, and discs.

As mentioned, this development has prompted major hard drive manufacturers such as Seagate and Western Digital to develop new writing technologies that increase data density. In turn, this requires that more durable materials be used in hard drive construction. Essentially, since data will be “packaged” closer together within the hard drive, it’s critical that construction materials be highly stable and only modifiable during the writing process. These denser hard drives are commonly referred to as enterprise drives since they are typically found in enterprise environments. This will make destroying “average” hard drives analogous to destroying enterprise hard drives, which are engineered to withstand higher temperatures and 24/7 usage, and are constructed with heavy-duty components. As such, organizations will be forced to adapt and/or upgrade their data storage and data destruction capabilities. Currently, SEM is the only manufacturer to engineer devices specifically for enterprise drive destruction.

Given these developments, it’s not surprising that legislation regulating data destruction continues to get more stringent. The new standards for CUI established by the ISOO in Executive Order 13556 are a prime example. The directive delineates clear requirements for the destruction of CUI at the end of life. Specifically, all paper containing CUI must be destroyed by using either cross-cut shredders that produce particles no larger than 1mm x 5mm or by using a disintegrator equipped with a 2.4mm security screen. Any agency in the public or private sector that handles CUI, FOUO, PII, or SBU is subject to regulation under Executive Order 13556.

Likewise, the NSA and the CSS act jointly to keep the NSA/CSS Evaluated Products Lists for secure data destruction up to date with current standards for government classified data. Standards exist for all types of storage media, including solid state and hard disk drives, magnetic media, optical media, and paper. Recently, new standards for optical media were issued that require CDs to be destroyed to a maximum edge size of 5mm, and DVDs and Blu-ray Discs to be destroyed to a maximum edge size of 2mm. (Previously, requirements for DVDs were 5mm and Blu-ray Discs could only be incinerated.) As these standards change, previously compliant destruction devices may no longer be acceptable, forcing users to adapt.

As the industry innovates, so do the criminals

In recent years, the growth of massive data breaches has reached a level that has affected branches of government, some of the largest businesses in the United States, and even entire cities and municipalities. In response, the NSA/CSS and the ISOO continue to “raise the bar” on data destruction manufacturers to produce devices that can better prevent destroyed data from being reassembled and used maliciously.

All agencies and businesses that collect, house, and destroy classified, CUI, FOUO, PII or SBU must ensure data is protected from the moment of collection until the end-of-life, in accordance with the standards established by the appropriate agency. Any organization not in compliance leaves itself vulnerable to a catastrophic data breach that could put its employees, vendors, partners, and/or customers at risk.

In short, as data destruction security standards tighten, government agencies and private businesses must always ensure that the destruction devices they use are compliant.

When considering your organization’s data destruction process, it behooves you to plan for stricter regulations than currently required. By doing so, you will save on the associated costs of meeting new requirements as they are introduced. At SEM, we offer equipment that often exceeds the specified requirements for destruction, such as our Model 344 paper shredder and our line of enterprise class drive destroyers.

NIST Guidelines vs. the NSA EPL on Hard Drive Destruction: Clearing Up Confusion

February 5, 2019 at 5:44 pm by Heidi White

Over the 20 years I have been working for SEM, I have explained the requirements for classified destruction to customers and former military colleagues. Lately these requirements have become stricter due to ever-changing technologies. It’s not as easy as just putting your paper in a shredder or disintegrator and walking away knowing your classified is destroyed. Your classified now comes on many types of media. With so many types of media, a requirement had to be set forth by the National Security Agency (NSA) as to how these needed to be destroyed. We will discuss destroying hard drives as it relates to the National Institute of Standards and Technology (NIST) 800-88 and NSA Evaluated Products List (EPL) for Hard Drive Destruction.

For this blog, I will only give a brief overview of the destruction of hard disks (SCSI, ATA, SATA). NIST 800-88 explains on page 16, Table 5-1, that there are three methods of destroying hard disks. The first is to CLEAR. This method uses software to overwrite the storage space on the media with non-sensitive (unclassified) data and gives you the option to reuse your hard drive. The second is to PURGE. This method uses degaussing and the Secure Erase command present on some ATA drives. This method is, again, very effective for unclassified drives. The third method is PHYSICAL DESTRUCTION. This method is the standard for classified data, and it destroys the drive by using disintegration, pulverization, melting, or incineration.

SEM’s NSA listed Model EMP1000-HS degausser is an ideal solution for rotational hard drives; however, degaussing has NO effect on solid state media.

The second paragraph of the NSA/CSS EPL for Hard Drive Destruction Devices states, “Hard drive destruction devices on their own DO NOT SANITIZE magnetic and/or solid-state storage devices; use of these machines is only authorized in conjunction with degaussing for routine magnetic hard disk drive sanitization or by themselves only in extreme emergency situations. Sanitization guidance for classified storage devices is located in the NSA/CSS PM 9-12 Storage Device Sanitization Manual.” This leads you to believe that degaussing could be used on a solid state drive (SSD). This is misleading! A magnetic field created by a degausser will cause no damage to an SSD. A degausser will only destroy information on a standard rotational magnetic drive.

Classified SSDs must be disintegrated to a 2mm particle size.

The third paragraph states: “All shredders designed for hard drives are approved for deformation of magnetic hard drive platters. Shredding alone will NOT SANITIZE magnetic and/or solid state storage devices unless a two-millimeter particle size or less of the magnetic disk or solid-state memory chip is accomplished in accordance with NSA/CSS PM 9-12 Storage Device Sanitization Manual.” This states that if you have a hard drive or SSD, you can shred it to a 2mm particle to sanitize the drive. This is confusing. Although the NSA guidelines REQUIRE you to reduce a classified SSD to a two-millimeter particle to render the device sanitized, the machine that does this may not be able to shred a standard magnetic hard disk drive to this two-millimeter particle. This is due to the size and materials used in the manufacturing of a magnetic hard disk.

In conclusion, completely destroying the information on a drive is a two-step process for a magnetic hard drive and a single-step process for an SSD.

A magnetic disk MUST BE degaussed using an NSA approved degausser THEN physically destroyed. This second step of physical destruction is left up to the end user and can vary greatly. It can be as simple as drilling a hole in the drive, hitting it several times with a hammer, or using a hydraulic punch or hard drive shredder. A solid state drive MUST be shredded to a two-millimeter particle and cannot be degaussed.

If you have any questions or would like to talk to a security professional, feel free to reach out to me or any SEM representative.

Karl Lotvedt, DC Region Sales Support, has over 20 years of experience with SEM, including targeted expertise in understanding military procedures and requirements. Prior to joining SEM, Karl spent 20 years in the United States Air Force including over five years in procurement. Now retired from the Air Force, Karl currently serves as an Air Force resource advisor. Karl received his AA and CIS from National College in Rapid City, SD.

Patch Barracks Classified Data Destruction Facility — A Highly Successful Installation

October 12, 2018 at 8:18 pm by Heidi White

SEM recently installed a classified data destruction facility at Patch Barracks in Stuttgart-Vaihingen, Germany under the direction of EUCOM, AFRICOM, and the 405th Army Field Support Brigade. The centralized facility, in support of local operations, is a green operation providing for zero landfill and recycling of all materials. The facility includes an SEM Model DS1436 NSA listed dual stage disintegrator with trio briquettor for bulk paper destruction along with multi-media destruction equipment capable of destroying complete laptops. Two SEM Model EMP1000-HS NSA listed high security degaussers, two SEM Model 0304 high volume combo HDD/SSD hard drive shredders, two 0202 Optical Media destroyers, and an existing SEM Model DS1436 disintegrator provide total redundancy of all destruction capabilities. These devices provide a destruction solution for all levels of classified paper, optical media, and hard drives. SEM’s own Todd Busic, Ricardo Leon, and Don Donahue were on site to finalize the installation and provide systems start-up and training to staff. A ribbon cutting ceremony was held Friday October 12th where Garrison Commander Col. Neal A. Corson officially opened the facility for operations. Special thanks to EUCOM, AFRICOM, DPW, and the 405th for working as a trusted partner with SEM to ensure timely and successful completion of this important project.

Ribbon cutting ceremony for the Classified Destruction Facility
The project was completed with support from EUCOM and AFRICOM.
Patch Barracks main gate
Success! The destruction facility is fully operational. Todd Busic is pictured right.
The disintegrators are high capacity, capable of destroying entire boxes of paper material at once.
SEM Engineer Ricardo Leon worked on the master control panel during the installation.
The team even celebrated with a custom made cake.

An IT Destruction Audit Trail – How to Simplify the Process

August 23, 2018 at 2:47 pm by Heidi White

If you deal with sensitive drives, the NSA/CSS requirements for destruction of classified and higher drives require that they first be degaussed by an NSA approved degausser and then physically destroyed. This 2-step process is not complete without the third critical step: documentation/destruction audit trail of everything destroyed. Therefore, you must properly document before you degauss and then destroy.

An important part of any HDD/SSD media destruction program is the accurate creation of a complete end of life audit trail.  Until now it has been up to the operator of the degausser/destruction equipment to fill out the appropriate tracking form by hand, recording the serial numbers of the drives destroyed so there is a record of who, what, where and when they were destroyed.  This is a very time-consuming and tedious process, and one that is prone to unintentional errors in the serial numbers recorded.  The need for accuracy in this documentation is extremely important in the event of an audit or the need to track a specific drive — especially a classified one.

The iWitness is a plug and play documentation tool that is both accurate and time-saving

Whether you have ten drives or 10,000 drives to destroy, an easy way to streamline the process and dramatically increase the speed and accuracy while gathering additional information on the specific drive’s destruction is to automate the process using the SEM iWitness audit-friendly media tracking and end-of-life documenting solution.

The iWitness is a simple plug and play, end-of-life documentation tool for IT destruction. The iWitness consists of a laptop with a 15” screen, a handheld barcode scanner, and pre-loaded iWitness software, and is the only system that is fully SCIF compliant right out of the box.  This SCIF compliant system is completely stand-alone and does not need to connect to a network. The software is installed on a guest account, the Wi-Fi and Bluetooth are disabled, it has no cameras, and writes to a CDR — absolutely no USB is required. The iWitness system is the ideal solution for classified environments and SCIFs.

The iWitness comes complete with a laptop, scanner, and pre-loaded software

The process is simple: just scan an HDD or SSD bar code and the software records the media and documents the erasure status and gauss level, after which the information can be exported to a cross-compatible CSV file and saved to a CDR or, if preferred and not in a SCIF, a USB drive. The iWitness not only keeps an audit trail, it also prompts the operator through every step of the process, so no step is missed. The software records manufacturer, model, serial number, destruction method and device used, operator name, time, and date.  In addition, the iWitness can be easily customized to record additional drive information as required.
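The following is an added example, not SEM's iWitness software or its export format: a Python check that reads a destruction audit trail exported as CSV and flags records that break the rules stated on this page (magnetic drives degaussed before physical destruction, classified SSDs reduced to a 2mm particle, every record carrying who, what, and when). The column names, finding codes, and sample records are assumptions constructed for the illustration.

```python
import csv
import io
from datetime import datetime

# Column names are assumptions for this example, not a vendor export format.
REQUIRED = ("serial", "media_type", "destruction_method", "operator", "timestamp")
SSD_MAX_PARTICLE_MM = 2.0  # this page's figure for classified SSDs

# Constructed sample records (not real drives, operators, or dates).
SAMPLE_CSV = """\
serial,media_type,degauss_status,destruction_method,particle_mm,operator,timestamp
HDD-0001,HDD,PASS,shredder,,j.doe,2018-08-23T14:47:00
HDD-0002,HDD,FAIL,crusher,,j.doe,2018-08-23T14:52:00
HDD-0003,HDD,,shredder,,j.doe,2018-08-23T14:55:00
SSD-0001,SSD,,disintegrator,2,a.lee,2018-08-23T15:01:00
SSD-0002,SSD,PASS,,,a.lee,2018-08-23T15:05:00
SSD-0003,SSD,,shredder,9.5,,2018-08-23T15:09:00
HDD-0001,HDD,PASS,shredder,,j.doe,2018-08-23T15:12:00
"""


def _get(row, key):
    """Return a trimmed field value, treating absent columns as empty."""
    return (row.get(key) or "").strip()


def check_record(row):
    """Return a list of finding codes for one audit-trail record."""
    findings = [f"MISSING_{f.upper()}" for f in REQUIRED if not _get(row, f)]

    ts = _get(row, "timestamp")
    if ts:
        try:
            datetime.fromisoformat(ts)
        except ValueError:
            findings.append("BAD_TIMESTAMP")

    media = _get(row, "media_type").upper()
    degauss = _get(row, "degauss_status").upper()
    if media == "HDD":
        # Magnetic media: a passing degauss must precede physical destruction.
        if degauss != "PASS":
            findings.append("HDD_NOT_DEGAUSSED")
    elif media == "SSD":
        # Degaussing has no effect on solid state media, so a degauss entry
        # on an SSD record points at a process error worth reviewing.
        if degauss:
            findings.append("SSD_DEGAUSS_RECORDED")
        try:
            particle = float(_get(row, "particle_mm"))
            if not particle > 0:  # rejects zero, negatives and NaN
                raise ValueError
        except ValueError:
            findings.append("SSD_PARTICLE_UNKNOWN")
        else:
            if particle > SSD_MAX_PARTICLE_MM:
                findings.append("SSD_PARTICLE_TOO_LARGE")
    elif media:
        findings.append("UNKNOWN_MEDIA_TYPE")
    return findings


def audit(csv_text):
    """Return {csv line number: (serial, findings)} for records with findings."""
    report, seen = {}, set()
    reader = csv.DictReader(io.StringIO(csv_text))
    for line_no, row in enumerate(reader, start=2):  # line 1 is the header
        findings = check_record(row)
        serial = _get(row, "serial")
        if serial and serial in seen:
            # The same drive cannot be destroyed twice: likely a scan error.
            findings.append("DUPLICATE_SERIAL")
        seen.add(serial)
        if findings:
            report[line_no] = (serial, findings)
    return report


if __name__ == "__main__":
    for line_no, (serial, findings) in audit(SAMPLE_CSV).items():
        print(f"line {line_no}: {serial or '<no serial>'}: {', '.join(findings)}")
```
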

This machine is compatible with the SEM EMP-1000HS and EMP-1000 degaussers, as well as the entire line of SEM HDD/SSD crushers, shredders, and disintegrators. It can also be used with non-SEM destruction devices if preferred. When used with an SEM degausser, the iWitness system provides erasure verification by recording the Pass/Fail status and the magnetic field strength communicated directly from the degausser via a barcode displayed on the degausser’s LCD panel, which can be scanned with the iWitness to confirm sanitization.  This is an exclusive compatibility feature of SEM degaussers; however, competitive degaussers can also be used without this feature.

The SEM iWitness offers a full-featured solution to the cumbersome chore of filling out various documentation forms, making your audit trail recording a breeze. The iWitness complies with all major security requirements including NIST SP 800-36/NIST SP 800-88, PCI DSS, HIPAA, FACTA, FISMA, PIPEDA, GLBA, CCPA, and FCC standard. If time savings, increased recording accuracy, operational simplicity, and regulatory compliance are important to your organization, the SEM iWitness would be a great addition to your media destruction program.


Mike Wakefield, Southeast Regional Sales Manager, has over 34 years of sales experience, 25 of which have been with SEM, and he is a Subject Matter Expert in data destruction and government contracting. Throughout his career at SEM, Mike has worked with key clients including the federal government, U.S. military, defense contractor community, and Fortune 500 companies. Mike prides himself on being able to anticipate new markets and emerging technologies while also working with the intelligence community to meet current and future needs, all while protecting the environment.

In-House Hard Drive Destruction: More Affordable Than You Think

June 27, 2018 at 10:43 am by SEM

What’s the best in-house hard drive destruction for today’s drives?

The most commonly used hard drives in today’s computing world are the 3.5”, 2.5”, and 1.8” form factor drives. In fact, they represent over 95% of the drives being used in today’s offices. Larger drives only represent a small portion of the drives that are in use today. So what is the best method of hard drive destruction?

Until recent years, a practical solution for in-house destruction was not available other than deleting software, drilling holes in the drives, burning, or other methods that are not very practical and did not guarantee any level of security. From a security standpoint, there is no substitute to controlling your own IT destruction program in-house, especially if user-friendly, affordable equipment is available that can be utilized by IT personnel.

Crush a Drive. Use an SEM Model 0101.

This device represents final destruction for some companies while other high security government organizations use them to disable drives after they have been magnetically degaussed to NSA standards. The Model 0101 takes up very little space (22” h x 10”w x 19” d) and can easily be transported to other locations. A deployment case is available for easy transport. The method of destruction is a hardened, pointed conical punch that comes in contact with the drive with 12,000 lbs. of force, causing trauma to the drive chassis and internal platter. The process takes about 10 seconds. While it sounds kind of menacing, this unit is actually quiet, safe, and requires minimal maintenance. It is also very affordable and ideal for in-house destruction.

Hard Drive Shredding. Try an SEM Hard Drive Shredder.

Several years ago, the average hard drive shredder needed its own building! It was so big that it was only practical for most organizations to use an outside destruction service or salvage company when HDD’s needed to be shredded. Nowadays, there are plenty of options. When volume or total destruction is needed, the SEM hard drive shredder series is your best solution. These units have amazing destructive power with a very small footprint. They will destroy from 500-3,500 drives per hour and power consumption is minimal. They are quiet, compact, and built to last. Numerous safety features are incorporated into the design. Maintenance is minimal and can be done by your own company personnel or by PM contract with the manufacturer.

What is Magnetic Degaussing?

Degaussing is a method for destroying hard drives that utilizes powerful magnets. The SEM Model EMP1000-HS meets NSA EPL (Evaluated Products List) guidelines for destroying classified drives. Other commercial grade degaussers are also available from SEM. All units are extremely safe, compact, and very practical for in-house destruction. All degaussers can also be bundled with HDD shredders or crushers if drives need to be destroyed after magnetic erasure as required by NSA.

For more information, please visit www.semshred.com or call us at 800-225-9292 to speak to your representative.

Hard Drive Shredders – Which is right for you?

May 8, 2018 at 11:15 am by SEM

Shredding a hard drive just like paper in a paper shredder, how can that be? That’s right, when it comes time to dispose of old hard drives that contain millions of pages of data and information, they can be shredded into strip cut pieces just like paper in a paper shredder. The question is, which hard drive shredder best meets an individual’s or company’s needs?

Which Hard Drive Shredder is Best?

In order to determine which hard drive shredder is the best solution, a few things must be considered. What is the volume of drives needed to be destroyed? What is the security level required? Do we have the proper power to operate the system? Once these are answered, the search can begin.

SEM offers a variety of hard drive shredders that answer all of these questions. From a low volume, small footprint, office-like system with standard single phase power like the SEM Model 0300 to a larger, industrial size, high volume system with 3-phase power like the SEM Model 0304, SEM has a solution to meet your needs.

Prioritize Your Needs

If SECURITY is your most important priority – the smaller the better. As such, a .75” strip cut is more desirable than 1.0” or 1.5”. The Model 0304 has the capability to produce all three strip cut sizes.

If VOLUME is more important – any of the systems with a shred size of 1.5” produce the higher volumes that range from 500 to 3500 hard drives per hour.

POWER – The Model 0300 requires standard 120V, 20 Amp power while the remainder of systems require 3-phase power at 208, 230 or 460V. Therefore, your facility must be able to accommodate this power.

SPACE – The 3-phase power units that can shred high volumes require enough space to accommodate the shredder and the discharge conveyor. A collection container to accept the shredded drives must also be considered. As such, the facility must have enough room to handle these configurations.

What to Do With Shredded Drives

Hard drives contain a variety of precious metals such as gold, copper, aluminum, and more. Once the drives are shredded, these can be sold to recyclers who have the capability to separate the metals through a smelting process. When gold prices are up, it doesn’t take much to make these shredded drives very valuable. At the time of this report, a shredded hard drive had a value of about 50 cents per drive.

SEM Model 0304

SUMMARY:

If you need to dispose of hard drives or similar items such as cell phones, BlackBerries, etc., an SEM hard drive shredder is a clean, simple to operate, highly effective solution. And with so many options available from SEM, there’s always one that fits your needs.