What do hard drive destruction services do?

They collect and destroy computer hard drives that are no longer used. They destroy the hard drives in a specialist shredder, which shreds hard drives into very small pieces so the data can’t be recovered.

Hard drive destruction services either:

  • destroy hard drives on-site, or
  • securely transport them to their own premises and destroy them there

Why you must destroy your hard drive securely

Your computer hard drive can contain sensitive information about your company, and destroying it correctly is crucial to ensure that information doesn’t end up in the wrong hands.

 Not destroying a hard drive securely could mean:

  • your business suffers financial damage through a data security breach
  • your company is failing to comply with GDPR, the new data protection regulation

The most secure way to destroy a hard drive is to shred it

Hard drive destruction involves physically shredding it so the information on it can’t be recovered.

Hard drives are made up of a number of disks called platters. Fully shredding a hard drive means all of the information on each platter is destroyed.

There are alternatives to shredding, such as:

  • formatting—this deletes the address tables a computer uses to find and read data, it doesn’t actually delete the data from the disk
  • degaussing—using a magnet to scramble the data on the hard drive
  • erasing the data

However, these don’t completely destroy the information, and thieves can still use special software to recover the data.

Punching or drilling holes in the hard drive also doesn’t work as some of the data may still be recoverable.

The only way to be sure is to completely shred the disk into small pieces that can’t be put back together.

What about other devices that carry data?

As well as computer hard drives, you may want to destroy data on tapes, CDs and memory sticks. The most secure way to do this is to shred them.

You can find out more about the other devices that shredders can destroy here.

Hard drive destruction software vs shredding

Your two main options for dealing with hard drives you no longer need are to:

  • wipe the data from the hard drive using hard drive destruction software—also known as data cleaning or data sanitisation
  • destroy the hard drive completely by physically shredding it so the pieces can’t be restored and the data can’t be recovered

Below we look at the pros and cons of each option.

Hard drive destruction software

You can destroy the data on your hard drive yourself by purchasing or downloading hard drive destruction software. It’s important to note though that data recovery software is advancing all the time, so although the data may not be recoverable after wiping now, it could be in the future?

Pros

Cons

Hard drive can be reused or resold

Can take a long time to wipe a hard drive

 

Software can’t remove data from disconnected or failed hard drives

 

Data won’t be fully removed, meaning thieves could still recover it

Hard drive destruction by shredding

Some shredding companies offer a service to physically destroy hard drives by shredding them.

Pros

Cons

Data can’t be restored as disk is physically shredded

Hard drive can’t be reused or resold

You’ll get a certificate to prove that the data has been securely destroyed

Not choosing a reputable company could put your data at risk if hard disks are shredded off-site

Ensures you’re complying with GDPR

 

Ultimately, although there are ways to remove data from a hard drive without destroying it, not destroying it means there will always be a risk that someone could recover the information left on it.

How secure are professional hard drive destruction services?

Using a hard drive destruction service is the most secure way to destroy a hard drive, provided that the company uses secure methods and is trustworthy.

A reputable hard drive shredding company will do the following:

  • Shred the hard drives in-house and not outsource the task to a third party
  • Provide you with secure, tamper-proof containers to store your hard drives in
  • Collect your hard drives in the secure containers and either:
    • shred them on-site in a specialist mobile shredding vehicle, or
    • take the hard drives (in the secure containers) to shred at its premises
  • Use industrial-grade shredders to shred the hard drives into small pieces so the data can’t be recovered
  • Have highly trained, security-vetted staff with identification tags
  • Give you a certificate of destruction after destroying the hard drives
  • Have case studies and testimonials from other customers
  • Have relevant certification, such as the following:
    • Certificate of registration with the Information Commissioner’s Office
    • Proof that it complies with GDPR
    • ISO certification and environmental licenses that show the company is certified to collect, process and destroy or resell confidential materials and do so in an environmentally friendly way

You can view all of Russell Richardson’s certificates here.

How to make hard drive destruction more secure

If you choose a professional hard drive destruction service, your data will be safe. However, if you want to take extra steps to ensure your company data is secure, try the following:

  • If you’re concerned about how your hard drives will be taken away for destruction, choose to have them destroyed on-site, so you know for certain what’s happened to your data.
  • Wipe your hard drives before you put them in the secure container for shredding. There are two ways to do this:
    • Use hard drive destruction software to wipe the disk (however, this will take time and the data may still be recoverable)
    • Use magnets to degauss the disk—strong magnets can scramble the data on a hard drive so it’s unreadable. However, degaussing doesn’t destroy the data—it just makes it harder to read and recover, should it fall into the wrong hands

You can read more about how degaussing works on the Government’s National Cyber Security Centre website.

Certificate of destruction for hard drives

Any credible shredding company will provide a certificate of destruction for the waste they destroy.

A certificate of destruction is a formal document the waste disposal company issues to prove it has disposed of your hard disks (or any other confidential waste) securely.

You may need a certificate of destruction to comply with your confidential waste policy if your company has one.

The main purpose of a certificate of destruction is:

To demonstrate that your company’s sensitive data is no longer at risk and your company is complying with relevant data protection laws. The certificate is part of your audit trail and will help protect your company during an audit or if it faces any legal action.

At Russell Richardson, we recommend our customers keep their certificate of destruction for at least two years.

What does a certificate of destruction look like?

This will vary from company to company, but a certificate of destruction should include the following information:

  • The date the certificate was issued
  • Your company’s name and contact details
  • The date the confidential waste was collected
  • The type of waste collected
  • A unique transaction number
  • The name and address of the company that dealt with the confidential waste
  • A signature to confirm the waste has been collected, handled and destroyed securely

You can view a sample certificate of destruction here.

How much does it cost to destroy a hard drive?

This will depend on the number of hard drives you need to destroy and whether they’re going to be destroyed on-site or off-site. You can expect to pay anything from £3 to £20 per hard drive.

To find out how much Russell Richardson will charge to securely destroy your company hard drives, contact us today on 0800 294 6552 or visit our contact us page here.

You can read more about our media and IT shredding services here and about our paper shredding services here.