WipeDrive Data Sanitization Cloud Management
Securely manage IT asset sanitization in compliance with internal data security policies and/or regulatory requirements. WipeDrive Enterprise deploys from the cloud to any global location to securely erase IT assets.
Enjoy the freedom of managing audit reports and data overwrite patterns from a centralized location.
Features
- Data Sanitization for all HDD, SSD & NVMe drives.
- Data Sanitization for removable media USB, SD, etc.
- Wipe data in compliance with GDPR Right To Be Forgotten.
- Datacentre IT asset wiping.
- GDPR audit trail compliance.
- Secure audit reporting.
- Wipe Reports provided to demonstrate compliancy.
- Deployable in standalone, PXE and remote environments.
- Freedom to manage audit reports.
- Hardware details.
Benefits
- Limit liability and exposure from data breaches.
- Secure GDPR audit trail.
- Compliance with internal data security policies.
- Compliance with the GDPR Right To Be Forgotten.
- Proof of IT asset decommissioning.
- Compliance with data sanitization requirements.
- Decreased data breach risk.
- Proof of end of life IT asset decommissioning.
- Hardware audit management.
Pricing
£2.00 per licence
- Education pricing available
Service documents
Framework
G-Cloud 11
Service ID
181514365202965
Contact
Service scope
Software add-on or extension | Yes, but can also be used as a standalone service |
What software services is the service an extension to | Secure data sanitization |
Cloud deployment model | Private cloud |
Service constraints | None |
System requirements |
|
User support
Email or online ticketing support | Email or online ticketing |
Support response times | 2 Hours. 4 Hours of Off Hours. |
User can manage status and priority of support tickets | Yes |
Online ticketing support accessibility | None or don’t know |
Phone support | Yes |
Phone support availability | 9 to 5 (UK time), Monday to Friday |
Web chat support | Web chat |
Web chat support availability | 9 to 5 (UK time), Monday to Friday |
Web chat support accessibility standard | None or don’t know |
How the web chat support is accessible | Accessible on the WhiteCanyon.com website. |
Web chat accessibility testing | SnapEngage is an approved Assistive Technology Chat Provider. |
Onsite support | Onsite support |
Support levels |
Level 1 Enterprise Support - No Additional Cost Level 2 Enterprise Support - No Additional Cost Level 3 Enterprise Support - Depends on License Structure |
Support available to third parties | Yes |
Onboarding and offboarding
Getting started | Provide onsite and online training and complete user documentation. |
Service documentation | Yes |
Documentation formats | |
End-of-contract data extraction | Data can be extracted from internal databases directly to the client and all data wiped. |
End-of-contract process | Customer has access to extract all data. Any data left after contract will be securely wiped. |
Using the service
Web browser interface | Yes |
Supported browsers |
|
Application to install | Yes |
Compatible operating systems |
|
Designed for use on mobile devices | Yes |
Differences between the mobile and desktop service | None |
Accessibility standards | None or don’t know |
Description of accessibility | 3rd party global solution meets accessibility requirements. |
Accessibility testing | Limited. |
API | Yes |
What users can and can't do using the API |
Web service interfaces (REST API) for seamless integration with existing AMS/ERP systems Full automation requiring minimum user interaction AD/PSexec integration for user authentication |
API documentation | Yes |
API documentation formats | |
API sandbox or test environment | Yes |
Customisation available | Yes |
Description of customisation | Deployment, processes, reporting and overwriting processes can be customized by the vendor. |
Scaling
Independence of resources | Access is independent of other users or workload volume. |
Analytics
Service usage metrics | Yes |
Metrics types | License usage and report storage. |
Reporting types |
|
Resellers
Supplier type | Not a reseller |
Staff security
Staff security clearance | Other security clearance |
Government security clearance | Up to Developed Vetting (DV) |
Asset protection
Knowledge of data storage and processing locations | Yes |
Data storage and processing locations | EU-US Privacy Shield agreement locations |
User control over data storage and processing locations | Yes |
Datacentre security standards | Complies with a recognised standard (for example CSA CCM version 3.0) |
Penetration testing frequency | At least once a year |
Penetration testing approach | Another external penetration testing organisation |
Protecting data at rest | Other |
Other data at rest protection approach | We employ encryption, authentication and other mechanisms to protect data. |
Data sanitisation process | Yes |
Data sanitisation type | Explicit overwriting of storage before reallocation |
Equipment disposal approach | A third-party destruction service |
Data importing and exporting
Data export approach | DB or Excel. |
Data export formats | CSV |
Data import formats | CSV |
Data-in-transit protection
Data protection between buyer and supplier networks | Other |
Other protection between networks | Hash encryption, authentication and additional security methods. |
Data protection within supplier network | Other |
Other protection within supplier network | We employ multiple methods to protect data on our internal network. |
Availability and resilience
Guaranteed availability | SLA's provide 24/7 guaranteed availability. Data sanitization tool can be run offline as well. |
Approach to resilience | We use 3rd party cloud providers to provide resilience. Our service is not mission critical. |
Outage reporting | Email alerts, public dashboard and an API. |
Identity and authentication
User authentication needed | Yes |
User authentication | Username or password |
Access restrictions in management interfaces and support channels | RBAC - Role based access control |
Access restriction testing frequency | At least once a year |
Management access authentication | Username or password |
Audit information for users
Access to user activity audit information | Users contact the support team to get audit information |
How long user audit data is stored for | Between 1 month and 6 months |
Access to supplier activity audit information | Users contact the support team to get audit information |
How long supplier audit data is stored for | User-defined |
How long system logs are stored for | User-defined |
Standards and certifications
ISO/IEC 27001 certification | No |
ISO 28000:2007 certification | No |
CSA STAR certification | No |
PCI certification | No |
Other security certifications | Yes |
Any other security certifications | HIPAA Business Associate Certification |
Security governance
Named board-level person responsible for service security | Yes |
Security governance certified | Yes |
Security governance standards | Other |
Other security governance standards | https://www.whitecanyon.com/privacy-policy |
Information security policies and processes | https://www.whitecanyon.com/privacy-policy |
Operational security
Configuration and change management standard | Supplier-defined controls |
Configuration and change management approach | All changes are recorded and published in reports. Any changes are tracked in coding repositories. All changes are tested in Q&A for security conflicts. |
Vulnerability management type | Supplier-defined controls |
Vulnerability management approach | We use independent consultants to ensure that our vulnerability management process is effective. Patches are deployed as soon as they can be created. |
Protective monitoring type | Undisclosed |
Protective monitoring approach | We use independent consultants to ensure that our protective monitoring process is effective. Incidents are responded to according to their threat level. |
Incident management type | Undisclosed |
Incident management approach | Incidents are managed with a 3rd party bug reporting tool. Support and Development enter issues reported by users. Bugs and patches are tracked through this system. |
Secure development
Approach to secure software development best practice | Supplier-defined process |
Public sector networks
Connection to public sector networks | No |
Pricing
Price | £2.00 per licence |
Discount for educational organisations | Yes |
Free trial available | Yes |
Description of free trial | Full version of WipeDrive Enterprise with full wipe and audit reports. Limited to number of hard drive, SSD or NVMe drive wipes. |
Link to free trial | https://www.whitecanyon.com/request-a-trial?use=trial-wipedrive-enterprise |