e-End of Frederick provides data security services to federal agencies and other companies for the prevention of data breaches.
"The days of smashing hard drives with a hammer are gone," says Arleen Chafitz, CEO of e-End, a Frederick, MD-based firm specializing in secure data destruction and electronics recycling. "Companies are beginning to understand that they have to rely on more than just a staff member saying they've destroyed sensitive data." Improperly sanitized hard drives or unsecured hard drives create the potential for massive amounts of personal information, emails and other sensitive information to be stolen by data thieves.
Unfortunately, numerous federal agencies and companies of all sizes have been learning that improper erasure or attempted destruction of data using poor techniques raises the risk of breaches that can result in hefty fines and other serious consequences.
To assure clients the data on their electronic media has been destroyed and cannot be recovered, e-End has once again been awarded the NAID AAA Certification from the National Association for Information Destruction.
"Considering how often the phrase 'Data Breach' now appears in the news, businesses and organizations are rethinking how they're securing the information they've been entrusted with," added Chafitz. "The re-certification of our NAID AAA Certification tells our customers we will destroy the data on their hard drives, cell phones and other electronic media, and the data will be 100% unrecoverable by any means."
The internationally-recognized NAID Certification Program was developed to create standards for a secure destruction process. Areas of focus include facility security, employee hiring and screening, and extensive training on the proper procedures for data destruction. All employees are required to pass a background check and drug screening before being hired, with random screenings throughout the year. NAID AAA Certified organizations are audited yearly, and subject to unannounced audits, by accredited security professionals to ensure compliance.
According to Chafitz, "Formatting or deleting data on a hard drive won't destroy the data, and your IT Department isn't able to self-certify their work when they say the data is destroyed. To guarantee total data destruction and to make sure you're meeting legal obligations for data security, agencies and companies need to look to certified third parties specializing in data sanitization. Only by using proper erasure procedures with guidance from agencies like the NSA and National Institute of Science and Technology (NIST) can you be 100% certain all data is destroyed."