How NOT to Destroy Employee Personally Identifiable Information

April 25, 2023 at 8:00 am by Amanda Canale

Employee personally identifiable information (PII) is filled with critically private and personal information, such as financial information, healthcare information if provided by the employer, pay stubs, addresses and phone numbers, and more, so it should always be destroyed with the utmost care.

Before we get to how not to destroy these types of files, it’s important we discuss how long you should keep them for. When it comes to personnel records, retention periods can vary. For instance, the Department of Labor Correspondence and the Internal Revenue Service (IRS) require any financial statements, documents from the IRS and Department of Labor Correspondence themselves, and plan and trust agreements to be kept three to four years, or even longer depending on the case.

However, when it comes to normal employee files, applications, contracts, and other employee personal information, they should be kept for two to three years from the date of termination. What about their compensation documentation? Keep these on file for three to five years from the termination. (This is important to remember!)

Now, let’s get to the fun part – the destruction!

Ripping Up

While ripping paper into confetti-sized pieces can be a great way to relieve some stress, we don’t necessarily recommend this tactic when getting rid of your most recent fire’s employee file. Even if you weren’t too crazy about your coworker, if not destroyed with high security end-of-life destruction equipment, their information could easily fall into the wrong hands, and your coworker could be the next to fall victim to identity theft – which nobody deserves. Don’t believe us? Take for instance the DARPA Shredder Challenge, where people quite literally competed to reassemble 10,000 shred particles for a large grand monetary prize. While the average person would much rather do anything else than spend 600 hours putting shred pieces back together, the same cannot be said for hackers and thieves; if it’s going to grant them access to your most sensitive information, then chances are they will rise to the occasion!

Recycling and/or Throwing Away

While we support the green initiative in wanting to recycle end-of-life PII documents, unfortunately this isn’t possible. Again, if it’s not a good idea to rip up your employee’s files, it’s not safe to simply throw it out or recycle. Sadly, the majority of our waste and recycling ends up in landfills and dumpsters which are typically gold mines for hackers and thieves. In addition, recycling and waste are not always transported securely, which makes it easy for people to intercept and have access to your most private and identifiable information.

It is always best to err on the side of caution when it comes to end-of-life data destruction. When it comes to specifically destroying employee files, it is best practice to use a secure, in-house method, like our Model 244/4 high security paper shredder.

The Model 244/4 is our most popular high security paper shredder. Why? This solution is NSA evaluated and listed by the NSA/CSS EPL and meets DIN 66399 Level P-7 standards. Our 244/4 provides a rugged performance with an NSA one hour durability of 17 reams per hour while encased in a quiet system, making it the perfect choice for small or mid-size department use.

Want even more security? Our Model 344 offers an even more secure shred size than the current mandate for the National Security Agency (NSA) requires. We like to call the 344’s final particle size as P-7+. This device is the only high security paper shredder on the market that offers a particle size of 0.8mm x 2.5mm (that is 50% smaller than the current National Security Agency requirement!)

By adopting a shredding policy, you are making the most cost-effective, safe, and secure decision to take preventative measures to ensure that your past and current end-of-life employee information does not fall into the wrong hands.

Centralized vs. Decentralized Destruction: What’s the Difference?

April 17, 2023 at 2:36 pm by Amanda Canale

As with most new technology, ideas, and solutions, there are pros and cons. In this month’s blog, we’re breaking down the main similarities and differences between centralized and decentralized destruction environments.

Centralized Environment

A centralized environment is, essentially, one space where all of the magic happens. Whether it is a centralized record center or destruction environment, everything that happens and everything being stored are in one location.

For example, let’s refer back to our Level 6 Data Centers: Best Practices in Security blog. The sixth level of the Google data center is known as a centralized destruction environment because all the destruction occurs in one, central space. At this level, security is at an all-time high, with very few personnel having access.

Another example of a centralized environment, but in this case a record center, is a single space where all records are kept. It could be a doctor’s office where all patient files are kept or a cloud-based system where all files and documentation are stored. Since centralized environments hold a substantial amount of information, they are typically organized by separate teams or personnel with a very high level of clearance.

CENTRALIZED ENVIRONMENT PROS:

One main pro when it comes to a centralized environment, in this case destruction, is that all of your destruction occurs in one place. There isn’t a concern for whether a drive was left on someone’s desk or an end-of-life document was misfiled since there is a system in place that requires all end-of-life drives and documentation to be in one place at the same time. This allows for a highly organized destruction plan and seamless organization system.

With a centralized environment typically comes extra security (remember, all your eggs are in one basket!), which just adds an additional level of protection. This can be in the form of more security cameras, keypads and ID badges, physical security guards, and more. Not only do centralized environments come more protected, they also allow for more opportunities for control.

CENTRALIZED ENVIRONMENT CONS:

By putting one’s eggs all in one basket, while it offers a sense of control and safety, it can also have its drawbacks. Hypothetically speaking, if someone was able to breach that centralized location, they have the world at their fingertips since everything is in one place. Servers can be hacked into, destruction solutions can be tampered with, and precious information can easily be stolen. However, this is also why extra security measures are taken, whether the environment is centralized or not.

Decentralized Environment

On the contrary, a decentralized environment is where all of the records or destruction occurs across multiple rooms, spaces, or even floors. A decentralized environment could be the same doctor’s office mentioned earlier, but where patient personal health information (PHI) is kept spread out among various storage locations, workstations, multiple servers, etc.

DECENTRALIZED ENVIRONMENT PROS:

Decentralized environments allow for data to be stored in more than one place offering more accessibility, and allowing those who need to access the data to be closer to it. By having their data in multiple and closer locations, there’s no need for long walks across the data center or building, or extra physical layers of security.

Depending on how sensitive the information is, a decentralized record center can sometimes offer more protection since there are multiple points of access and entry, which mean more opportunities for a hacker to fail.

DECENTRALIZED ENVIRONMENT CONS:

With multiple points of entry and access, also come…more money. Decentralized networks, destruction, or record environments require more upkeep, more maintenance, more storage, and more security.

The consequences of improper data destruction are endless. By opting for in-house, centralized destruction, companies have complete oversight and can be certain that your information has been securely destroyed. At SEM, we offer an array of various high-quality NSA listed/CUI and unclassified data destruction solutions, and are experts in designing and creating, implementing, installing, and servicing centralized destruction facilities across the globe. Whether it’s for the federal government, one of their agencies, or a commercial data center, we do it all. Learn more about our scalable and customizable solutions here.

Good, Better, Best: Hard Drive Destruction Solutions for State and Local Governments

May 11, 2020 at 9:33 am by SEM

There are many different options in the market place to destroy hard drives. Everything from erase software, to degaussers, to many different forms of physical destruction. So the question becomes “What is the best solution for me”?

When it comes to destroying hard drives for State and Local Governments, most experts agree the best and most secure method is to degauss the drive and then use some form of physical destruction. While this combination solution is the best method, there are others that are effective that only require one step. Here are some ideas:

GOOD

Physical Destruction

For most State and Local Governments, this is an entry level destruction option. You can use either use a crushing method such as a SEM Model 0101 Hard Drive Crusher or for added security, shred the drives using the SEM Model 0300 HDD Shredder.

SEM 0101 Hard Drive Crusher

The SEM Model 0101 hard drive crusher destroys all hard drives regardless of their size, format or type (up to 1.85” thick), including drives found in laptops, desktops and server systems. The Model 0101 has been tested by the NSA and is listed by the NSA as the highest performing HDD punching device making It suitable as a physical destruction solution of the DoD mandated Degauss and Destroy process. Check out a video of the 0101 here.

SEM 0300 Hard Drive Shredder

When it comes to the fast, safe, easy destruction of hard drives, nothing outperforms the SEM hard drive shredder line, including the SEM Model 0300. This slow speed, high torque shredder uses specially designed saw tooth hook cutters to chew up about 8 hard drives in a minute that produce a 1.5” wide particle size. That’s just 7.5 seconds per drive. The unit is designed for an office environment and plugs conveniently into standard wall outlets. Check out a video about the 0300 here.

BETTER

Degauss and Destroy

For a higher level of security, State and Local Governments may want to consider the two step process of erasing data with a degausser and destroying the media with a crusher. This would give you peace of mind that the drive has been degaussed, which renders the drive completely useless. Once the drive has been sanitized, additionally physically destroying the media makes it inoperable to 100% ensure no information can ever be accessed again. Below is our most popular option.

SEM EMP1000-HS and SEM Model 0101 Crusher

The SEM EMP1000-HS is a compact, portable, and powerful electromagnetic degausser that erases the highest coercivity magnetic media available today without the use of any adapters for onsite erasure and declassification. The Model EMP1000-HS degausser has been evaluated by the NSA and is listed on the NSA EPL for Magnetic Degaussers erasing data on 5,000 Oe longitudinal and perpendicular recorded disk drives and 3,000 Oe for tape media (includes LTO8 tape). Learn more by watching a video here.

Pair this with the SEM Model 0101 shown above and you have a good destruction solution.

BEST

Combine the EMP1000-HS NSA listed degausser with the Model 0101 NSA listed crusher and the iWitness end-of-life documentation tool for a Degauss, Destroy and Document Bundle to completely eliminate high security data from magnetic media in accordance with NSA and DoD guidelines.

The added iWitness will allow for documentation of the destruction process, pairing with the EMP1000-HS that has a built in verification system that works out of the box with the iWitness.

If you need to destroy hard drives, laptops, phones or any other type of electronic media, SEM has a solution to meet a wide variety of budgets. For more information on contact us today!

What’s the ‘Din’ about DIN?

February 15, 2019 at 4:03 pm by Heidi White

Under a Microscope: Dissecting the Implications of DIN 66399

Covering everything from safeguards for children’s toys to design requirements for roller sports equipment, DIN Security Standards are also used to help define and standardize the different levels of security for international physical data destruction. Originating in Europe, these standards are continually making headway toward global acceptance as a benchmark to set the size and type of data that needs to be destroyed appropriately.

DIN-p-7 — The DIN 66399 P-7 standard for paper destruction is 1mm x 5mm, the same as the NSA standard for the destruction of classified paper.

DIN 66399 specifically addresses standards for the destruction of data devices. This particular standard—which replaced DIN 32757—features over 40 variations based on protection classes, material/media and security levels. These three broad criteria are intended to drive the data device destruction process, guiding users so they can make informed end-of-life data disposal decisions.

Protection Classes

Companies or government entities must begin the destruction process by first determining what type of data needs to be destroyed. DIN 66399 has three protection classes that help you define the requirements and classification for your data:

Information from professional service firms including lawyers and attorneys would fall under Class 1 or Class 2, depending on the type of data.

Class 1: Normal Protection: Sensitivity for internal data that’s accessible by fairly large groups of people. Unauthorized information disclosure or transfer at this level could have negative effects on a company or make individuals vulnerable to identity theft and besmirching of reputation.

Class 2: Higher Protection: Sensitivity for confidential data that’s restricted to a small group of employees. Unauthorized information disclosure or transfer at Class 2 would have serious effects on a company and could lead to violation of laws or contractual obligations. Disclosure of personal data runs the risk of serious damage to an individual’s social standing or financial situation.

Class 3: Very High Protection: Sensitivity for confidential and top-secret data that’s restricted to an extremely small group of named individuals. Any information disclosure here would pose catastrophic, existential threats to a company/government entity and/or lead to violation of trade secrets, contracts and laws. Disclosure of personal data runs the risk of jeopardizing an individual’s personal freedom, safety, or life.

Material/Media Classification and Security Levels

Having determined the applicable protection class, you should subsequently consult DIN-66399 to classify the material on which your data resides and identify the corresponding security level. Per DIN standards, this data destruction security level will dictate the appropriate final shredding size for your media or paper documents.

DIN-66399-electronic-Media — SEM lists devices that meet every type of DIN 66399 destruction requirement. Click here for details.

DIN 66399 requirements by data device material are as follows:

Film: DIN 66399 Material Classification F refers to information in miniaturized form (e.g., microfilm), with security levels running (lowest to highest) from F-1 to F-7. For example, F-1 stipulates a maximum material particle size of 160 mm², while F-7 stipulates a corresponding size of 0.2 mm².

Optical Media: DIN 66399 Material Classification O pertains to information on optical data carriers (e.g., CDs/DVDs). Security levels run from O-1 (max 2,000 mm²) to O-7 (max 0.2 mm²).

Magnetic Media: DIN 66399 Material Classification T pertains to information on magnetic data carriers (e.g., ID-cards, floppy disks and diskettes). Security levels run from T-1 (media must be rendered mechanically inoperable) to T-7 (max 2.5 mm²).

Hard Drives: DIN 66399 Material Classification H pertains to information on hard drives with magnetic data carriers. Security levels run from H-1 (media must be rendered mechanically/electrically inoperable) to H-7 (max 5 mm²).

Electronic Media: DIN 66399 Material Classification E pertains to information on electronic data carriers (e.g., chip cards and memory sticks/flash drives). Security levels run from E-1 (media must be rendered mechanically/electrically inoperable) to E-7 (max 0.5 mm²).

Paper: DIN 66399 Material Classification P pertains to information presentation in original size (e.g., paper, films and printing plates). Security levels run from P-1 (max strip width of 12 mm or max particle surface area of 2,000 mm²) to P-7 (1 mm x 5 mm).

The Relevance of DIN 66399 Regarding NSA Standards

In the U.S., of course, standards for classified data or otherwise protected information and data destruction device compliance are determined, implemented, and monitored by the NSA—not by DIN.

Nonetheless, DIN 66399 is increasingly gaining merit worldwide, including the U.S., as reflective of best practices within the data destruction industry, and DIN is frequently referenced in U.S. data destruction requirements. What’s more, despite the use of DIN Security Standards being voluntary, they can become mandatory in certain instances when they are referred to in contracts, laws, or regulations.

For these reasons, it’s important to stay current on the structure of DIN 66399 and its compliance requirements when you are beginning your data destruction process.

NIST Guidelines vs. the NSA EPL on Hard Drive Destruction: Clearing Up Confusion

February 5, 2019 at 5:44 pm by Heidi White

Over the 20 years I have been working for SEM, I have explained to customers and former military colleagues about the requirements for classified destruction. Lately these requirements have become stricter due to the ever-changing technologies. It’s not as easy as just putting your paper in a shredder or disintegrator and walking away knowing your classified is destroyed. Your classified now comes on many types of media. With so many types of media, a requirement had to be set forth by the National Security Agency (NSA) as to how these needed to be destroyed. We will discuss destroying hard drives as it relates to the National Institute of Standards and Technology (NIST) 800-88 and NSA Evaluated Products List (EPL) for Hard Drive Destruction.

For this blog, I will only discuss a brief overview for the destruction of hard disks (SCSI, ATA, SATA). NIST 800-88 explains on page 16, table 5-1 there are three methods of destroying hard disks. The first is to CLEAR. This method uses software to overwrite the storage space on the media with non-sensitive data (unclassified) and gives you the option to reuse your hard drive. The second is to PURGE. This method uses degaussing and the Secure Erase command present on some ATA drives. This method is very effective again for unclassified drives. The third method is PHYSICAL DESTRUCTION. This method is the standard for classified data and it destroys the drive by using disintegration, pulverization, melting, or incineration.

emp 1000HS — SEM’s NSA listed Model EMP1000-HS degausser is an ideal solution for rotational hard drives; however, degaussing has NO effect on solid state media.

The second paragraph of the NSA/CSS EPL for Hard Drive Destruction Devices states, “Hard drive destruction devices on their own DO NOT SANITIZE magnetic and/or solid-state storage devices; use of these machines is only authorized in conjunction with degaussing for routine magnetic hard disk drive sanitization or by themselves only in extreme emergency situations. Sanitization guidance for classified storage devices is located in the NSA/CSS PM 9-12 Storage Device Sanitization Manual.” This leads you to believe that degaussing could be used on a solid state drive (SSD). This is misleading! A magnetic field created by a degausser will cause no damage to an SSD. A degausser will only destroy information on a standard rotational magnetic drive.

ssd shredder — Classified SSDs must be disintegrated to a 2mm particle size.

In the third paragraph it states; “All shredders designed for hard drives are approved for deformation of magnetic hard drive platters. Shredding alone will NOT SANITIZE magnetic and/or solid state storage devices unless a two-millimeter particle size or less of the magnetic disk or solid-state memory chip is accomplished in accordance with NSA/CSS PM 9-12 Storage Device Sanitization Manual.” This states that if you have a hard drive or SSD, you can shred it to a 2mm particle to sanitize the drive. This is confusing. Although the NSA guidelines REQUIRE you to reduce a classified SSD to a two-millimeter particle to render the device sanitized, the machine that does this may not be able to shred a standard magnetic hard disk drive to this two-millimeter particle. This is due to the size and materials used in the manufacturing of a magnetic hard disk.

In conclusion, in order to completely destroy the information in a hard drive is a two-step process for a magnetic hard drive and a single step process for a SSD.

A magnetic disk MUST BE degaussed using an NSA approved degausser THEN physically destroyed. This second step of physical destruction is left up to the end user and can vary greatly. It can be as simple as drilling a hole in the drive, hitting it several times with a hammer, or using a hydraulic punch or hard drive shredder. A solid state drive MUST be shredded to a two-millimeter particle and cannot be degaussed.

If you have any questions or would like to talk to a security professional, feel free to reach out to me or any SEM representative.

Karl Lotvedt, DC Region Sales Support, has over 20 years of experience with SEM, including targeted expertise in understanding military procedures and requirements. Prior to joining SEM, Karl spent 20 years in the United States Air Force including over five years in procurement. Now retired from the Air Force, Karl currently serves as an Air Force resource advisor. Karl received his AA and CIS from National College in Rapid City, SD.

Patch Barracks Classified Data Destruction Facility — A Highly Successful Installation

October 12, 2018 at 8:18 pm by Heidi White

SEM recently installed a classified data destruction facility at Patch Barracks in Stuttgart-Vaihingen, Germany under the direction of EUCOM, AFRICOM, and the 405^th Army Field Support Brigade. The centralized facility, in support of local operations, is a green operation providing for zero landfill and recycle of all materials. The facility includes an SEM Model DS1436 NSA listed dual stage disintegrator with trio briquettor for bulk paper destruction along with multi-media destruction equipment capable of destroying complete Laptops. Two SEM Model EMP1000-HS NSA listed high security degaussers, two SEM Model 0304 high volume combo HDD/SSD hard drive shredders, two 0202 Optical Medial destroyers, and an existing SEM Model DS1436 disintegrator provide total redundancy of all destruction capabilities. These devices provide a destruction solution for all levels of classified paper, optical media, and hard drives. SEM’s own Todd Busic, Ricardo Leon, and Don Donahue were on site to finalize the installation and provide systems start-up and training to staff. A ribbon cutting ceremony was held Friday October 12^th where Garrison Commander Col. Neal A. Corson officially opened the facility for operations. Special thanks to EUCOM, AFRICOM, DPW, and the 405th for working as a trusted partner with SEM to ensure timely and successful completion of this important project.

Ribbon cutting ceremony for the Classified Destruction Facility

The project was completed with support from EUCOM and AFRICOM.

Success! The destruction facility is fully operational. Todd Busic is pictured right.

The disintegrators are high capacity, capable of destroying entire boxes of paper material at once.

SEM Engineer Ricardo Leon worked on the master control panel during the installation.

The team even celebrated with a custom made cake.

Masters of Destruction – Electronic Media Shredding

June 13, 2018 at 4:29 pm by SEM

Tuesday, November 28, 2006

Masters of Destruction

Westboro company specialist in sensitive data

By Martin Luttrell TELEGRAM & GAZETTE STAFF

For decades, the federal government and private businesses have used Security Engineered Machinery equipment to shred paper records, and more recently, computer drives, CDs and other electronic records.

And with sensitive information remaining on old computer hard drives, cell phones and BlackBerries, the Walkup Drive company is expanding into full-service data destruction for clients that want secure handling and destruction of their electronic devices.

Founded in Millbury in the late 1960s, SEM employs 44 and is the largest manufacturer of document- and electronic-disintegration equipment, with its shredding and disintegration machines in use by the Departments of Defense and Homeland Security, in State Department embassies around the world and by the U.S. Postal Service. More than 400 central banks worldwide use the company’s equipment for shredding old currency.

The federal government has been the biggest customer, but private industry is catching up as accidental releases of sensitive data make headlines.

SEM showed a reporter a room the company renovated from warehouse space that now houses machines for shredding computers and other electronic data storage devices. Computer hard drives, keyboards and towers moved up an inclined conveyer about 12 feet, where they were dropped into a hopper and ground into pieces an inch or two in size.

“The federal government is light years ahead of the private sector in security,” Mr. Dempsey said. “A lot of companies have paper shredders. But what happens to a CD or diskette? The government has been doing this for years.

“There is not a piece of equipment here that has not been cleared by the NSA (National Security Agency) for classified destruction,” he said. “Not all companies will spend $25,000 for a machine like this. That’s where this service comes into play. We have people that walk in with one hard drive, and we’ll destroy it and let them witness it.”

Clients who ship their items to SEM can even watch over a designated Web site as their computers or other items are destroyed; some 17 video cameras mounted in the ceiling, and more in the hoppers of the machines, beam images of the process.

“We send it premium freight so it can be tracked door to door,” he said. “Some clients put GPS (global positioning system) inside so they know where it is all the time.”

SEM puts bar codes on the hard drives slated for destruction so the customer can document the process, he said.

Inside a locked cage along one wall were several cases and military transport containers holding computer components slated for destruction.

“We look at ourselves as being in the security business,” Mr. Dempsey said. “We approach our shredding as a security division. We’re interested in hard drives, cell phones, DVDs, CD-ROMs and unconventional items,” including X-rays, he said.

Mr. Dempsey held pieces of a computer that had gone through a disintegrator, noting that they were a couple of inches in length. Some clients require that their magnetic data items be in smaller pieces, and those go into another machine, which tears them into pieces an eighth of an inch in diameter.

He pointed out that a piece of a CD that goes through an office shredder contains much more information than would be printed on a piece of office paper. Sophisticated equipment could be used to retrieve that information, along with data thought to be deleted from hard drives, cell phones and other electronic devices, he said.

In addition to tearing electronic data equipment into small pieces, SEM can also use a method known as degaussing, or erasing electronic data, before destroying it, he said.

“From a private-industry point of view, degaussing is all you need to do,” Mr. Dempsey said. “What we’re now seeing in Fortune 500 companies is that they’re defaulting to the federal government’s standards that are NSA-approved.”

He said that when companies consider the damage that could result from sensitive information being compromised, data security is increasingly in demand.

“We bring credibility to the table,” he said. “We’re in the security business. Quite a few of our employees have obtained clearances. They get a background check. We do DOD work. Anyone in this room would need a clearance,” he said, referring to those working in the company’s destruction service.

All employees are drug-screened and go through background and criminal checks, he said.

Mr. Dempsey would not talk about the private company’s finances, but said it made $20,000 from its destruction services two years ago and $300,000 this year. The demand is growing, he said.

“We’ve seen an explosion from companies with financial and health care” records. “With some of the information compromises that have been in the press, they’re adapting. We know how to deal with those issues. …Crisis management is not proactive. That happens after data has been compromised.”

He said the company spent 13 months renovating the area now used for destruction services. Now, he wants the operation to be deemed a secure facility so that it can take on the federal government as a client. That could take another year, he said.

“So far, we’ve been under the radar, doing this as a favor for our clients.”

Destruction System reduces SSDs and other Electronic Media to Less Than 0.5mm Particles – Meets DIN E-7

at 4:06 pm by SEM

WESTBORO, MA — The SEM Model SSD1-HS from Security Engineered Machinery reduces solid state devices to waste particles of .5mm squared or less and meets DIN 66399 Standard E-7; smaller than the NSA requirement for sanitization of SSD devices per NSA/CSS EPL 9-12. Absolute destruction through repetitive high speed cutting of memory media ensure all data is properly sanitized.

Storage media is continuously cut until it is small enough to pass through a customer selected waste sizing system to meet customer’s security level or a specific DIN Level. Items that can be destroyed in the Model SSD1-HS include solid state boards, RAM, smart phone / cell phone components, SIM cards, USB flash drives, compact flash and even optical discs. The Model SSD1-HS is a compact, self-contained destruction system with all components housed within a custom enclosure for maximum sound, odor and dust control.

The Model SSD1-HS destruction capacity is dependent on the media being destroyed and the customer selected sizing screen.

An ergonomic operator interface allows easy viewing and control of all machine functions. The Model SSD1-HS features an interlocked feed slide with integrated feeding protocols ensuring proper metering of media through the data sanitization process. Safety interlocks prevent operation when any safety guard or panel is not in place or waste disposal is required. An air filtration system consisting of a carbon pre-filter and HEPA filter is also included.

Security Engineered Machinery, SEM, is an innovative designer and manufacturer of data-destruction equipment located in Westboro Massachusetts. SEM supplies mission critical EOL equipment to the US Federal Government including the DoD and other intelligence agencies, as well as large multinational datacenter operators. SEM’s engineering staff is available to assist customers with special products and systems that will sanitize any media / material down to stakeholder required sanitization levels such as high volume central destruction systems used by nationally recognized commercial banks and healthcare organizations. Areas of expertise include the destruction of hard drives and other mixed media and heavy-duty, high-capacity shredders for recycling applications.

For more information, contact James T. Norris, Norris & Company, 264 Bodwell Street, Avon, MA 02322 Tel: (508) 510-5626, FAX: (508) 510-4180, E-mail: jim@norrisco.com

Security Engineered Machinery Introduces Enterprise Line of Data Destruction Devices

at 4:03 pm by SEM

Security Engineered Machinery Co., Inc. (SEM), global leader in high security information end-of-life solutions, announced the introduction of a line of hard drive destroyers specifically engineered for enterprise drive destruction. The Enterprise Line, which includes rotational and solid state shredders and a disintegrator, is the first of its kind in the data destruction industry.

“We engineered the Enterprise Line to address the needs of our data center clients,” said Nicholas Cakounes, Executive Vice President of SEM. “The overwhelming client feedback we received expressed an imminent need for data destruction devices that could easily handle the larger, thicker, denser enterprise drives commonly found in data center environments.”

The Enterprise Line includes the compact, quiet Model 0315 hard drive shredder designed for office use, as well as the high-volume Model 0305 and Model 0304 shredders. The 0315 shreds up to 90 enterprise rotational hard disk drives (HDDs) and up to 120 enterprise solid state drives (SSDs) per hour at 1.5” final particle size, whereas the industrial grade 0305 and 0304 destroy up to 800 HDDs/1,200 SSDs and 1,400 HDDs/2,000 SSDs per hour, respectively. All three models are available in multiple configurations to accommodate a variety of user requirements: rotational hard disk drive (HDDs) only, solid state drive (SSD) only, and a combo version that destroys both HDDs and SSDs utilizing separate feed openings and cutting chambers. Final particle size for HDDs ranges from 1.5” to 0.75”, and final particle size for SSDs is 0.375”. All shredders in the new Enterprise Line are noted on the NSA/CSS Evaluated Products List (EPL) for HDD Destruction Devices as an approved solution for the “deformation of magnetic media hard drive platters” and are GDPR, NIST 800-88, SOX, FACTA, HIPAA, FISMA, NAID, and DoD compliant.

In addition to the three shredder models, SEM’s new Enterprise Line includes the Model 2SSD Disintegrator engineered to destroy SSDs to a nominal particle size of 2mm². This newly redesigned machine employs an industrial grade, dual stage cutting system with specially enhanced cutting blades and sizing screens to provide maximum throughput in an office environment. Designed with a custom, steel-insulated sound enclosure for maximum sound control, the 2SSD also features an internal carbon-based pre-filter and HEPA air filtration system for operator safety as well as odor and dust control. Click for video.

“After pilot testing the devices with our existing Fortune 50 data center clients, we realized that the Enterprise Line provides the ideal solution to organizations looking to safeguard privacy and mitigate risk in the data center and beyond,” added Andrew Kelleher, President of SEM. “In addition to data centers, security-focused organizations such as the federal government, healthcare providers, and financial institutions are facing increased compliance requirements in parallel with more frequent use of enterprise drives into their data centers. The problem becomes what to do with the drives at end-of-life to maintain privacy and compliance — we are providing that solution.”

All devices in the Enterprise Line are specifically designed for enterprise drive destruction with increased torque, industrial grade construction, and more rugged cutting heads, enabling the system to cut through multiple steel plates, carriers, and other enterprise drive constructed components such as heat sinks and cooling tubes.

SEM Shred

Tag: nsa listed