The SDD Master is listed in the NS/CSS Evaluated Product List and is accepted by the UK National Cyber Security Centre (Formally CESG) as meeting the highest level degaussing standard.
NSA: The NSA is an agency of the US government which is responsible for protecting U.S. government communications and information systems. The NSA publishes guidance on the sanitization (erasure), declassification, and release of storage devices for disposal or recycling in the “NSA CSS Policy Manual 9-12, NSA/CSS Storage Device Declassification Policy Manual”. Within this, the NSA publish the EPL-Degausser (Evaluated Products List – Degausser) which specifies the current degaussers that have been evaluated against and found to satisfy the requirements for erasure of magnetic storage devices that retain sensitive or classified data. The SDD-Master has been tested and evaluated by the NSA.
The UK Government Cyber Security Centre (Formally CESG) accepts that products on the NSA Degausser Evaluated Product List as meeting the highests level degaussing standard (TOP SECRET)
Many government agencies are required to manage their data security to detailed government specifications which would require them to buy an approved degausser. Safe and secure data disposal is critical within the military which is why the Department of Defense (DOD) also adheres to the guidelines outlined out in the NSA CSS Policy Manual 9-12 for the destruction of classified material. In addition, if an organization is involved in managing highly sensitive or confidential information such as financial, medical, education, personal and legal information, they must be vigilant in how they deal with the disposal of such information and the use of an approved degausser would be highly recommended.
Security of data is also a legal requirement under the UK’s Data Protection Act 1998 and the European Data Protection
The SDD Master also complies with the following Government Mandates that require destruction of sensitive information stored on Hard Drives and Backup Tapes before their disposal.
- PCI DSS (Payment Card Industry) Data Security Standard
- GDPR (General Data Protection Regulation)
- PIPEDA (Personal Information Protection and Electronic Documents Act)
- NIST (National Institute of Standards and Technology) Guidelines for Media Sanitization NIST.SP.800-88r1
- NIST (National Institute of Standards and Technology) Guidelines for Media Sanitization NIST SP 800-36
- Gramm-Leach-Bliley Act (GLBA)
- HIPAA (Health Information Portability and Accountability Act)
- California SB-1386
- Bank Secrecy Act (BSA)