Looking at web sites of Secure IT Disposal companies, two things are apparent. The first is that its only the serious hard disk destruction guys who really bother with any standards at all. The second is that there is a wide range not only of information destruction standards but also of other accreditations as well. It appears at this stage that following computer recycling may be relevant:
- BS 8470:2006 Secure Destruction of Confidential Material
- BS 7858:2006 Security Screening of Individuals Employed in a Security Environment
- BS7799 Information Security Management System
I keep reminding myself in the face of the scale of the task ahead, that accreditations are the main barrier to entry in this market and are vital to the whole project. Its comparatively easy to set-up a WEEE recycling business. Securely wiping or destroying data is more difficult but accreditations represent the biggest challenge.
Based on account recorded in historical diary