WipeDrive Data Sanitization Cloud Management
Securely manage IT asset sanitization in compliance with internal data security policies and/or regulatory requirements. WipeDrive Enterprise deploys from the cloud to any global location to securely erase IT assets.
Enjoy the freedom of managing audit reports and data overwrite patterns from a centralized location.
Features
- Data Sanitization for all HDD, SSD & NVMe drives.
- Data Sanitization for removable media USB, SD, etc.
- Wipe data in compliance with GDPR Right To Be Forgotten.
- Datacentre IT asset wiping.
- GDPR audit trail compliance.
- Secure audit reporting.
- Wipe Reports provided to demonstrate compliancy.
- Deployable in standalone, PXE and remote environments.
- Freedom to manage audit reports.
- Hardware details.
Benefits
- Limit liability and exposure from data breaches.
- Secure GDPR audit trail.
- Compliance with internal data security policies.
- Compliance with the GDPR Right To Be Forgotten.
- Proof of IT asset decommissioning.
- Compliance with data sanitization requirements.
- Decreased data breach risk.
- Proof of end of life IT asset decommissioning.
- Hardware audit management.
Pricing
£2.00 a licence
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
1 8 1 5 1 4 3 6 5 2 0 2 9 6 5
Contact
WhiteCanyon Software
Mark Huffman
Telephone: +44 203.808.5120
Email: mark.huffman@whitecanyon.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Secure data sanitization
- Cloud deployment model
- Private cloud
- Service constraints
- None
- System requirements
-
- 1 GB RAM or More
- OS Independant
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 2 Hours. 4 Hours of Off Hours.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Accessible on the WhiteCanyon.com website.
- Web chat accessibility testing
- SnapEngage is an approved Assistive Technology Chat Provider.
- Onsite support
- Onsite support
- Support levels
-
Level 1 Enterprise Support - No Additional Cost
Level 2 Enterprise Support - No Additional Cost
Level 3 Enterprise Support - Depends on License Structure - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Provide onsite and online training and complete user documentation.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Data can be extracted from internal databases directly to the client and all data wiped.
- End-of-contract process
- Customer has access to extract all data. Any data left after contract will be securely wiped.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Linux or Unix
- MacOS
- Windows
- Windows Phone
- Other
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- Yes
- Description of service interface
- Service interface through 3rd party global solution.
- Accessibility standards
- None or don’t know
- Description of accessibility
- 3rd party global solution meets accessibility requirements.
- Accessibility testing
- Limited.
- API
- Yes
- What users can and can't do using the API
-
Web service interfaces (REST API) for seamless integration with existing AMS/ERP systems
Full automation requiring minimum user interaction
AD/PSexec integration for user authentication - API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Deployment, processes, reporting and overwriting processes can be customized by the vendor.
Scaling
- Independence of resources
- Access is independent of other users or workload volume.
Analytics
- Service usage metrics
- Yes
- Metrics types
- License usage and report storage.
- Reporting types
-
- Real-time dashboards
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Other
- Other data at rest protection approach
- We employ encryption, authentication and other mechanisms to protect data.
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- DB or Excel.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- Other
- Other protection between networks
- Hash encryption, authentication and additional security methods.
- Data protection within supplier network
- Other
- Other protection within supplier network
- We employ multiple methods to protect data on our internal network.
Availability and resilience
- Guaranteed availability
- SLA's provide 24/7 guaranteed availability. Data sanitization tool can be run offline as well.
- Approach to resilience
- We use 3rd party cloud providers to provide resilience. Our service is not mission critical.
- Outage reporting
- Email alerts, public dashboard and an API.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- RBAC - Role based access control
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 1 month and 6 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- HIPAA Business Associate Certification
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- https://www.whitecanyon.com/privacy-policy
- Information security policies and processes
- https://www.whitecanyon.com/privacy-policy
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- All changes are recorded and published in reports. Any changes are tracked in coding repositories. All changes are tested in Q&A for security conflicts.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We use independent consultants to ensure that our vulnerability management process is effective. Patches are deployed as soon as they can be created.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- We use independent consultants to ensure that our protective monitoring process is effective. Incidents are responded to according to their threat level.
- Incident management type
- Undisclosed
- Incident management approach
- Incidents are managed with a 3rd party bug reporting tool. Support and Development enter issues reported by users. Bugs and patches are tracked through this system.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £2.00 a licence
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Full version of WipeDrive Enterprise with full wipe and audit reports. Limited to number of hard drive, SSD or NVMe drive wipes.
- Link to free trial
- https://www.whitecanyon.com/request-a-trial?use=trial-wipedrive-enterprise