End-of-life IT Asset Disposal

For Government Contractors

Government contractors must comply with DFARs and NIST 800 guidelines.   Newer requirements for CMMC 2.0 will be more stringent and require additional cybersecurity audits.  The DCMA DIBCAC guidelines provide best practices for the Department of Defense’s (DoD) contractor cybersecurity risk mitigation efforts to protect our national security and Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations. 

To meet NIST SP 800-171 requirement 3.8.3, you must “sanitize or destroy information system media containing CUI before disposal or release for reuse.”

The objective of requirement 3.8.3 is to ensure that your company or government data can not be recovered from media such as removable drives, SSDs, and hard drives when they are disposed of or reused.   A study from NAID  highlighted the risks of failure to follow proper data sanitization procedures when they released a study that showed that 40% of used devices sold on popular e-commerce sites contained PII (Personally Identifiable Information).

Protect your sensitive data

Conflicting cybersecurity standards and regulations for media sanitization can be confusing.   For instance, in addition to NIST 800-88, there are other Data Sanitization and Destruction Standards, including IEEE 2883-2022, NSA/CSS Policy Manual 9-12, and DoD 5220.22-M.

For most government contractors, military branches, and data protection experts, the 2006 DoD 5220.22-M standard has been replaced with the NIST 800-88 (1 Pass) standard.  The 2022 IEEE standard focuses on technology created after the latest revision to NIST 80-88 (2014) and clarifies much of the confusion that often exists in data erasure guidance.

Federal agencies are required to dispose of electronics assets in an environmentally responsible way as outlined in GSA Bulletin FMR B-34 Disposal of Federal Electronic Assets. FMR B-34 requires Federal Electronic Asset (FEA) recyclers to be R2 certified. 

We provide the highest standard of service to all U.S. Government contractors wishing to responsibly dispose of their end-of-life or obsolete devices while maintaining the highest level of data security through our unique end-to-end data destruction process. Government contracting firms face stringent regulations and challenges in the IT asset auditing, disposal, and destruction best practices.

Rapidly changing technologies require frequent IT asset management decisions, including upgrading, migrating, and refreshing hardware—including servers, tablets, phones, drives, and other data storage devices.  A CSDS (Certified Secure Data Destruction Specialist) from Securis can help advise you on whether wiping, degaussing or destroying is most appropriate based on data classification, cost and sustainable practices.

Secure, Compliant, End to End Process

For sophisticated government contractors—particularly those serving Federal government agency clients with sensitive or military critical information–Securis offers much more than just shredding and recycling services. Securis has developed a fully secure, end-to-end process that ensures a compliant, leak-proof chain of custody, which includes:

  • Wiping: This method employs software to wipe data.  Wiping is a more sustainable solution than shredding, as equipment can be reused.
  • Degaussing   Securis applies a powerful demagnetization process called degaussing, which removes all data from a data storage device or electronic media.
  • IT Asset Shredding  Securis provides on-site and off-site shredding of hard drives, electronic media, and other data storage devices to render them unusable and inaccessible.
  • Secure Recycling  Securis is R2v3 certified to provide environmentally friendly IT asset disposal.
  • Secure Chain of Custody  From asset tagging to inventory reporting to access-controlled facilities and vetted technicians, Securis ensures a “leak-proof” end-to-end process.
  • Auditing & Reporting Securis monitors and documents the entire end-to-end process for retiring IT assets. At the end of the process, you will receive a full auditing and reporting inventory and a certificate of destruction.
  • Value Recovery Our Value Recovery program guarantees the highest rate of return on any IT Assets with resale value.
The Securis Process
Certificate of Destruction

THE RESULT?

You have the confidence and proof that your data is totally destroyed and your end of life IT assets are handled in an environmentally responsible manner.  In addition, you can be sure that you will comply with all State and Federal regulations.  For a full list of Securis Certifications please click here.

GOVERNMENT CONTRACTOR CLIENTS INCLUDE:

mantech
Peraton
General Dynamics
Raytheon
Guidehouse
l3 Harris
Northrop Grumman

Our Key IT Asset Disposition Services Include: