|Revisions||Added new section about special case devices which have failed rendering them static which hinders the wiping procedure.|
When Pipe Ten or its customers data is no longer required, the policy within outlines how it is securely wiped or otherwise disposed of.
This policy applies to all Pipe Ten Hosting Ltd or customer data, where Pipe Ten Hosting Ltd has ultimate responsibility for the secure disposal of the data.
Standard Policy Procedure
On agreed decommission of data; such as on closure of account or prior to enacting the Hardware Destruction Policy, the data will be securely deleted in a way which prevents recovery.
In the case of shared operating systems with shared disk allocation, where disk allocation re-use may occur but recovery is not possible, a simple deletion will suffice.
In the case of dedicated operating systems with dedicated disk allocation, the following two scenarios apply:
- Default Secure Wipe – DBAN using DOD 5220.22-M 3 pass without certification, free of charge.
- Enterprise Secure Wipe – WipeDrive Enterprise exceeding Sarbanes-Oxley, HIPAA, NIAP’s EAL4+, DOD 5220.22-M 7 pass, CSEC ITSG-06 and includes wipe certification, billable at advertised rates. Compatible with GDPR chain of custody and deletion verification.
In the even of disk failure, where the disk has suffered some kind of hardware failure and cannot be subjected to the standard policy procedure. All staff members carry out the standard policy procedure but take special care with the disk in transit from DC to Crushing facility as there may still be data present on the disks.
In most circumstances, Pipe Ten will perform a Default Secure Wipe as defined above.
In some circumstances, Pipe Ten may pro-actively choose to perform a Enterprise Secure Wipe as defined above.
In all other circumstances, it is the customers responsibility to define the level of wipe required in advance.
The prevailing rate for enterprise secure wipe, unless advertised elsewhere, is £ 45+VAT per incident and £ 10+VAT per physical device.