WipeDrive Data Sanitization Cloud Management
Securely manage IT asset sanitization in compliance with internal data security policies and/or regulatory requirements. WipeDrive Enterprise deploys from the cloud to any global location to securely erase IT assets.
Enjoy the freedom of managing audit reports and data overwrite patterns from a centralized location.
- Data Sanitization for all HDD, SSD & NVMe drives.
- Data Sanitization for removable media USB, SD, etc.
- Wipe data in compliance with GDPR Right To Be Forgotten.
- Datacentre IT asset wiping.
- GDPR audit trail compliance.
- Secure audit reporting.
- Wipe Reports provided to demonstrate compliancy.
- Deployable in standalone, PXE and remote environments.
- Freedom to manage audit reports.
- Hardware details.
- Limit liability and exposure from data breaches.
- Secure GDPR audit trail.
- Compliance with internal data security policies.
- Compliance with the GDPR Right To Be Forgotten.
- Proof of IT asset decommissioning.
- Compliance with data sanitization requirements.
- Decreased data breach risk.
- Proof of end of life IT asset decommissioning.
- Hardware audit management.
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Secure data sanitization|
|Cloud deployment model||Private cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||2 Hours. 4 Hours of Off Hours.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||Accessible on the WhiteCanyon.com website.|
|Web chat accessibility testing||SnapEngage is an approved Assistive Technology Chat Provider.|
|Onsite support||Onsite support|
Level 1 Enterprise Support - No Additional Cost
Level 2 Enterprise Support - No Additional Cost
Level 3 Enterprise Support - Depends on License Structure
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Provide onsite and online training and complete user documentation.|
|End-of-contract data extraction||Data can be extracted from internal databases directly to the client and all data wiped.|
|End-of-contract process||Customer has access to extract all data. Any data left after contract will be securely wiped.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None|
|Description of service interface||Service interface through 3rd party global solution.|
|Accessibility standards||None or don’t know|
|Description of accessibility||3rd party global solution meets accessibility requirements.|
|What users can and can't do using the API||
Web service interfaces (REST API) for seamless integration with existing AMS/ERP systems
Full automation requiring minimum user interaction
AD/PSexec integration for user authentication
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||Deployment, processes, reporting and overwriting processes can be customized by the vendor.|
|Independence of resources||Access is independent of other users or workload volume.|
|Service usage metrics||Yes|
|Metrics types||License usage and report storage.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||EU-US Privacy Shield agreement locations|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Other|
|Other data at rest protection approach||We employ encryption, authentication and other mechanisms to protect data.|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||DB or Excel.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||Other|
|Other protection between networks||Hash encryption, authentication and additional security methods.|
|Data protection within supplier network||Other|
|Other protection within supplier network||We employ multiple methods to protect data on our internal network.|
Availability and resilience
|Guaranteed availability||SLA's provide 24/7 guaranteed availability. Data sanitization tool can be run offline as well.|
|Approach to resilience||We use 3rd party cloud providers to provide resilience. Our service is not mission critical.|
|Outage reporting||Email alerts, public dashboard and an API.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||RBAC - Role based access control|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Between 1 month and 6 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||HIPAA Business Associate Certification|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||https://www.whitecanyon.com/privacy-policy|
|Information security policies and processes||https://www.whitecanyon.com/privacy-policy|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All changes are recorded and published in reports. Any changes are tracked in coding repositories. All changes are tested in Q&A for security conflicts.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||We use independent consultants to ensure that our vulnerability management process is effective. Patches are deployed as soon as they can be created.|
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||We use independent consultants to ensure that our protective monitoring process is effective. Incidents are responded to according to their threat level.|
|Incident management type||Undisclosed|
|Incident management approach||Incidents are managed with a 3rd party bug reporting tool. Support and Development enter issues reported by users. Bugs and patches are tracked through this system.|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£2.00 per licence|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||Full version of WipeDrive Enterprise with full wipe and audit reports. Limited to number of hard drive, SSD or NVMe drive wipes.|
|Link to free trial||https://www.whitecanyon.com/request-a-trial?use=trial-wipedrive-enterprise|