Security is a priority at CDR Global Inc., which is why our facility has certain measures in place to prevent your data from falling into the wrong hands. Each department has different security measures based on the equipment being handled, processes in place, and data destruction methods. A minimum of two access control points are in place to protect who has authorization to conduct data destruction procedures on devices. However, facility control doesn’t begin here, but rather with the hiring process.
The human resources department screens each applicant in the pre-hire process. Candidates are chosen based on experience, work history, culture index surveys, and background check results. Each of these factors contributes to compliance measures set out by R2 Certification and NAID membership. All employees are subject to employment verification, random drug test screening, and must undergo training before being allowed access to the controlled areas.
INTERNAL SECURITY MEASURES
No matter the location, all facilities provide unique challenges to facility security measures, which is why creative solutions often play a vital role. For example, the shape of the building could determine what safety measures are most appropriate for securing departments. There are three levels of security for entrance at CDR Global Inc.:
- Private security located at the front desk,
- An access control point requiring a key card for admittance, and
- Metal detectors prior to entering the warehouse. All personal electronic devices must be stored in an employee’s car, locker, or remain with security to enter the warehouse.
Security cameras allow for 24/7 surveillance of every area of the facility and grounds for optimal protection. An internal alarm system with motion detection sensors will alert private security and authorities if a breach has been made during any unauthorized times. Before an employee can leave at the end of their shift, they go through a two-step security process, viz. metal detectors and wands, to ensure data secure devices are not exiting the grounds.
Each department is responsible for administering data destruction methods according to vendor specifications. However, the process for securing data destruction begins at the front door with control access. After going through metal detectors, employees who work with data bearing devices are then required to go through a second access control point for departments that administer data destruction methods. This creates a third layer of protection from unauthorized individuals; often in the form of employees coming and going from different departments near where data destruction takes place. Employees who move into data destruction departments must be trained prior to accessing data bearing devices. For instance, in the PCs department, the chain of custody continues with drive extraction, data wiping software, itemized counts for inbound orders, and then to a secondary location (also access controlled) for data destruction in an array for recording purposes. Some hard drives are shredded upon request, or if the data erasure software fails to securely wipe the data bearing device. Devices transported from department to department are secured in storm cases to secure items from possible breaches or separation from the responsible party.
Have more questions?
Our team of experts can help! Contact us HERE for more information on our ITAD process and services. Together we can make a difference in our communities and around the world.