{"id":7690,"date":"2025-08-20T15:04:20","date_gmt":"2025-08-20T14:04:20","guid":{"rendered":"https:\/\/www.secure-itad.com\/?p=7690"},"modified":"2026-04-17T21:10:27","modified_gmt":"2026-04-17T20:10:27","slug":"destruction-securisee-de-disques-durs-et-de-disques-ssd-pour-les-entreprises-2","status":"publish","type":"post","link":"https:\/\/www.secure-itad.com\/fr\/destruction-securisee-de-disques-durs-et-de-disques-ssd-pour-les-entreprises-2\/","title":{"rendered":"Les normes de destruction des donn\u00e9es expliqu\u00e9es"},"content":{"rendered":"\n\t<div id=\"text-2213426218\" class=\"text article-underline\">\n\t\t\n\n<p data-start=\"136\" data-end=\"420\">Most businesses know how to protect active data, but many overlook the risk that hides in retired devices.<br data-start=\"243\" data-end=\"246\">One missing hard drive can trigger audits, breach fines and lasting reputational damage. That\u2019s why a secure chain of custody is just as important as data destruction itself.<\/p>\n<p data-start=\"422\" data-end=\"572\">When businesses plan <a href=\"https:\/\/www.secure-itad.com\/uk-european-services\/it-asset-disposal\/\">IT asset disposal (ITAD<\/a>), most focus on the end of the process, shredding old hard drives and SSDs so data can\u2019t be recovered.<\/p>\n<p data-start=\"574\" data-end=\"653\">But what often gets missed is everything that happens before destruction.<\/p>\n<p data-start=\"655\" data-end=\"897\">If data-bearing devices are lost, stolen or tampered with between collection and shredding, your organisation could still face a data breach, even if the drives are eventually destroyed. That\u2019s where the chain of custody becomes critical.<\/p>\n\t\t\t<\/div>\n\t\n\t<div id=\"text-3316594787\" class=\"text article-underline\">\n\t\t\n\n<p><strong>Jump to a section:<\/strong><\/p>\n<ul>\n<li><a href=\"#why-standards-matter\">Why the Standards Matter<\/a><\/li>\n<li><a href=\"#nist-800-88\">NIST 800-88<\/a><\/li>\n<li><a href=\"#iso-27001\">ISO 27001<\/a><\/li>\n<li><a href=\"#ADISA\">ADISA<\/a><\/li>\n<li><a href=\"#DIN -66399\">DIN 66399<\/a><\/li>\n<li><a href=\"#additional-standards\">Additional Guidelines<\/a><\/li>\n<\/ul>\n\t\t\t<\/div>\n\t\n<span class=\"scroll-to\" data-label=\"Scroll to: #why-standards-matter\" data-bullet=\"false\" data-link=\"#why-standards-matter\" data-title=\"Why The Standards Matter\"><a name=\"why-standards-matter\"><\/a><\/span>\n\n\t<div id=\"gap-310555411\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-310555411 {\n  padding-top: 30px;\n}\n<\/style>\n\t<\/div>\n\t\n\n<div class=\"row\"  id=\"row-188375192\">\n\n\n\t<div id=\"col-784706718\" class=\"col small-12 large-12\"  >\n\t\t\t\t<div class=\"col-inner dark\" style=\"background-color:#b3302a;\" >\n\t\t\t\n\t\t\t\n\n\t<div id=\"text-3851174860\" class=\"text article-underline\">\n\t\t\n\n<h2 data-start=\"1197\" data-end=\"1226\">Why These Standards Matter<\/h2>\n<p data-start=\"1228\" data-end=\"1420\">Just deleting files or formatting a drive isn\u2019t enough. If a device leaves your site with recoverable data on it and goes missing in transit or storage, it could be treated as a data breach.<\/p>\n<p data-start=\"1422\" data-end=\"1556\">That means regulatory investigations, possible fines, insurance claims being rejected \u2014 and the risk of serious reputational damage.<\/p>\n<p data-start=\"1558\" data-end=\"1694\">Standards exist to stop that happening. They give everyone a common language and a clear benchmark for what \u201csecure\u201d really means, with:<\/p>\n<ul data-start=\"1696\" data-end=\"1921\">\n<li data-start=\"1696\" data-end=\"1745\">\n<p data-start=\"1698\" data-end=\"1745\">Defined methods for wiping or destroying data<\/p>\n<\/li>\n<li data-start=\"1746\" data-end=\"1799\">\n<p data-start=\"1748\" data-end=\"1799\">Clear guidance on shred sizes and security levels<\/p>\n<\/li>\n<li data-start=\"1800\" data-end=\"1861\">\n<p data-start=\"1802\" data-end=\"1861\">Documentation requirements so you can prove what happened<\/p>\n<\/li>\n<li data-start=\"1862\" data-end=\"1921\">\n<p data-start=\"1864\" data-end=\"1921\">Independent audits and certifications for added assurance<\/p>\n<\/li>\n<\/ul>\n\t\t\t<\/div>\n\t\n\n\t\t<\/div>\n\t\t\t\t\n<style>\n#col-784706718 > .col-inner {\n  padding: 40px 40px 40px 40px;\n  border-radius: 10px;\n}\n<\/style>\n\t<\/div>\n\n\t\n\n<\/div>\n<span class=\"scroll-to\" data-label=\"Scroll to: #nist-800-88\" data-bullet=\"false\" data-link=\"#nist-800-88\" data-title=\"NIST 800-88\"><a name=\"nist-800-88\"><\/a><\/span>\n\n\t<div id=\"gap-1819014194\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-1819014194 {\n  padding-top: 30px;\n}\n<\/style>\n\t<\/div>\n\t\n\n\t<div id=\"text-705410871\" class=\"text article-underline\">\n\t\t\n\n<h2 data-start=\"1928\" data-end=\"1965\">NIST 800-88<\/h2>\n<p data-start=\"1967\" data-end=\"2172\">NIST 800-88 is the standard we see referenced most often in contracts and audits. It was developed by the U.S. National Institute of Standards and Technology, and it\u2019s now widely accepted across the world.<\/p>\n<p data-start=\"2174\" data-end=\"2224\">It sets out three main ways to deal with old data:<\/p>\n<ul data-start=\"2226\" data-end=\"2432\">\n<li data-start=\"2226\" data-end=\"2299\">\n<p data-start=\"2228\" data-end=\"2299\"><strong data-start=\"2228\" data-end=\"2237\">Clear<\/strong> \u2013 overwrite data so it can\u2019t be read through standard tools<\/p>\n<\/li>\n<li data-start=\"2300\" data-end=\"2355\">\n<p data-start=\"2302\" data-end=\"2355\"><strong data-start=\"2302\" data-end=\"2311\">Purge<\/strong> \u2013 use secure erase commands or degaussing<\/p>\n<\/li>\n<li data-start=\"2356\" data-end=\"2432\">\n<p data-start=\"2358\" data-end=\"2432\"><strong data-start=\"2358\" data-end=\"2369\">Destroy<\/strong> \u2013 physically destroy the device so data can never be recovered<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"2434\" data-end=\"2690\">It applies to almost any kind of storage: hard drives, SSDs, tapes, even optical discs.<\/p>\n<p data-start=\"2434\" data-end=\"2690\">And crucially, NIST recognises that <strong data-start=\"2560\" data-end=\"2582\"><a href=\"https:\/\/www.secure-itad.com\/secure-ssd-hdd-shredding-guide\/\">SSDs are different<\/a>,<\/strong>\u00a0because data is scattered across many chips, the only reliable way to destroy them is physical shredding.<\/p>\n<p data-start=\"2434\" data-end=\"2690\"><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/88\/r1\/final\" target=\"_blank\" rel=\"noopener\">NIST SP 800-88 Guideline for Media Sanitization<\/a><\/p>\n<p data-start=\"2434\" data-end=\"2690\"><a href=\"https:\/\/www.secure-itad.com\/nist-sp-800-88-rev-2\/\">What NIST SP 800-88 Rev. 2 means for businesses disposing of IT equipment<\/a><\/p>\n\t\t\t<\/div>\n\t\n<span class=\"scroll-to\" data-label=\"Scroll to: #iso-27001\" data-bullet=\"false\" data-link=\"#iso-27001\" data-title=\"ISO 27001\"><a name=\"iso-27001\"><\/a><\/span>\n\n\t<div id=\"gap-2087240796\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-2087240796 {\n  padding-top: 30px;\n}\n<\/style>\n\t<\/div>\n\t\n\n\t<div id=\"text-1968949577\" class=\"text article-underline\">\n\t\t\n\n<h2 data-start=\"2697\" data-end=\"2748\">ISO 27001 \u2014 Proving You Have the Right Processes<\/h2>\n<p data-start=\"2750\" data-end=\"2863\">ISO 27001 is less about how you destroy data, and more about<strong> showing that you have secure processes in place.<\/strong><\/p>\n<p data-start=\"2865\" data-end=\"2991\">It\u2019s an international framework for managing information security.<br data-start=\"2931\" data-end=\"2934\">To achieve it, organisations must have policies covering:<\/p>\n<ul data-start=\"2993\" data-end=\"3148\">\n<li data-start=\"2993\" data-end=\"3057\">\n<p data-start=\"2995\" data-end=\"3057\">How data-bearing assets are tracked, handled and disposed of<\/p>\n<\/li>\n<li data-start=\"3058\" data-end=\"3094\">\n<p data-start=\"3060\" data-end=\"3094\">Who is responsible at each stage<\/p>\n<\/li>\n<li data-start=\"3095\" data-end=\"3148\">\n<p data-start=\"3097\" data-end=\"3148\">What evidence is kept to prove it was done securely<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"3150\" data-end=\"3323\">ISO 27001 doesn\u2019t mention shred sizes or wiping tools, but it does expect you to demonstrate that devices are disposed of securely and that you can prove it during an audit.<\/p>\n<p data-start=\"3325\" data-end=\"3504\">We design our ITAD process to align with ISO 27001 controls \u2014 because even if you\u2019re not certified yourself, your clients or auditors may expect you to follow the same principles.<\/p>\n<p data-start=\"3325\" data-end=\"3504\"><a href=\"https:\/\/www.iso.org\/standard\/27001\" target=\"_blank\" rel=\"noopener\">ISO\/IEC 27001:2022 &#8211; Information Security Management Systems<\/a><\/p>\n\t\t\t<\/div>\n\t\n<span class=\"scroll-to\" data-label=\"Scroll to: #ADISA\" data-bullet=\"false\" data-link=\"#ADISA\" data-title=\"ADISA\"><a name=\"ADISA\"><\/a><\/span>\n\n\t<div id=\"gap-743234582\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-743234582 {\n  padding-top: 30px;\n}\n<\/style>\n\t<\/div>\n\t\n\n\t<div id=\"text-3852984210\" class=\"text article-underline\">\n\t\t\n\n<h2><span data-preserver-spaces=\"true\">ADISA \u2014 Independent UK Certification for ITAD Providers<\/span><\/h2>\n<p>While NIST and ISO are global standards, ADISA is a UK-based certification scheme created specifically for IT asset disposal companies like us.<\/p>\n<p><span data-preserver-spaces=\"true\">ADISA audits the way we handle data-bearing devices end to end \u2014 from collection and secure transport, to shredding and recycling. It checks things like:<\/span><\/p>\n<ul>\n<li><span data-preserver-spaces=\"true\">Staff vetting<\/span><\/li>\n<li><span data-preserver-spaces=\"true\">Transport security<\/span><\/li>\n<li><span data-preserver-spaces=\"true\"><a href=\"https:\/\/www.secure-itad.com\/chain-of-custody-it-asset-disposal\/\">Chain of custody<\/a> controls<\/span><\/li>\n<li><span data-preserver-spaces=\"true\">How effective our data sanitisation methods are<\/span><\/li>\n<\/ul>\n<p><span data-preserver-spaces=\"true\">For organisations in government, defence and other regulated sectors, ADISA certification is often a requirement.<\/span><\/p>\n<p><span data-preserver-spaces=\"true\"> It\u2019s a simple way to know your ITAD provider has been independently assessed and meets strict security standards.<\/span><\/p>\n<p><a href=\"https:\/\/adisacertification.com\/\" target=\"_blank\" rel=\"noopener\">ADISA Certification<\/a><\/p>\n\t\t\t<\/div>\n\t\n<span class=\"scroll-to\" data-label=\"Scroll to: #DIN -66399\" data-bullet=\"false\" data-link=\"#DIN -66399\" data-title=\"DIN 66399\"><a name=\"DIN -66399\"><\/a><\/span>\n\n\t<div id=\"gap-369751943\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-369751943 {\n  padding-top: 30px;\n}\n<\/style>\n\t<\/div>\n\t\n\n\t<div id=\"text-1480515679\" class=\"text article-underline\">\n\t\t\n\n<h2 data-start=\"4233\" data-end=\"4273\">DIN 66399<\/h2>\n<p data-start=\"4275\" data-end=\"4431\">DIN 66399 is a German\/EU standard that defines how small data fragments must be after physical destruction.<\/p>\n<p data-start=\"4275\" data-end=\"4431\">It\u2019s what we use to set our shred size levels.<\/p>\n<p data-start=\"4433\" data-end=\"4505\">There are seven security levels (H-1 to H-7) for hard drives and SSDs.<\/p>\n<ul data-start=\"4507\" data-end=\"4638\">\n<li data-start=\"4507\" data-end=\"4582\">\n<p data-start=\"4509\" data-end=\"4582\"><strong data-start=\"4509\" data-end=\"4524\">H-5 (\u226410mm)<\/strong> and <strong data-start=\"4529\" data-end=\"4543\">H-6 (\u22645mm)<\/strong> are the norm for most corporate data<\/p>\n<\/li>\n<li data-start=\"4583\" data-end=\"4638\">\n<p data-start=\"4585\" data-end=\"4638\"><strong data-start=\"4585\" data-end=\"4599\">H-7 (\u22642mm)<\/strong> is used for top-secret government data<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"4640\" data-end=\"4788\">This standard matters because it gives you something measurable to prove the data can\u2019t be reconstructed, not just a promise that \u201cit\u2019s destroyed.\u201d<\/p>\n<p data-start=\"4640\" data-end=\"4788\"><a href=\"https:\/\/din66399.eu\/\" target=\"_blank\" rel=\"noopener\">DIN 66399 Physical Data Destruction<\/a><\/p>\n\t\t\t<\/div>\n\t\n<span class=\"scroll-to\" data-label=\"Scroll to: #additional-standards\" data-bullet=\"false\" data-link=\"#additional-standards\" data-title=\"More Data Destruction Standards\"><a name=\"additional-standards\"><\/a><\/span>\n\n\t<div id=\"gap-699795651\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-699795651 {\n  padding-top: 50px;\n}\n<\/style>\n\t<\/div>\n\t\n\n\t<div id=\"text-3846191259\" class=\"text article-underline\">\n\t\t\n\n<h2 data-start=\"4795\" data-end=\"4841\">PCI DSS, GDPR and Other Rules to Know About<\/h2>\n<p data-start=\"4843\" data-end=\"4929\">You\u2019ll often see other regulations mentioned alongside the main destruction standards:<\/p>\n<ul>\n<li data-start=\"4933\" data-end=\"5052\"><strong>PCI DSS <\/strong>\u2014 covers payment card data, and requires secure destruction of cardholder data when it\u2019s no longer needed<\/li>\n<li data-start=\"5055\" data-end=\"5152\"><strong>GDPR \/ UK GDPR<\/strong> \u2014 requires you to make personal data \u201cirretrievable\u201d and be able to prove it<\/li>\n<li data-start=\"5155\" data-end=\"5280\"><strong>NHS DSPT, FCA and MoD contracts<\/strong> \u2014 often mandate physical destruction and a full chain of custody for data-bearing devices<\/li>\n<\/ul>\n<p data-start=\"5282\" data-end=\"5413\">These rules don\u2019t tell you exactly how to destroy data, but they do make you legally responsible for proving it\u2019s gone forever.<\/p>\n\t\t\t<\/div>\n\t\n\t<div id=\"gap-1756706224\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-1756706224 {\n  padding-top: 30px;\n}\n<\/style>\n\t<\/div>\n\t\n\n<h2 data-start=\"1111\" data-end=\"1145\">Bringing the Standards Together<\/h2>\n<p data-start=\"1147\" data-end=\"1273\">With so many acronyms and frameworks, it\u2019s easy to feel unsure which data destruction standards your business should follow.<\/p>\n<p data-start=\"1275\" data-end=\"1383\">The reality is, you don\u2019t need to choose between them \u2014 you just need a provider who already meets them all.<\/p>\n<p data-start=\"1385\" data-end=\"1446\">At Secure ITAD, we\u2019ve built our entire process to align with:<\/p>\n<ul>\n<li data-start=\"1450\" data-end=\"1521\"><strong data-start=\"1450\" data-end=\"1465\">NIST 800-88<\/strong> \u2014 internationally recognised data destruction methods<\/li>\n<li data-start=\"1524\" data-end=\"1582\"><strong data-start=\"1524\" data-end=\"1537\">ISO 27001<\/strong> \u2014 documented, auditable security processes<\/li>\n<li data-start=\"1585\" data-end=\"1667\"><strong data-start=\"1585\" data-end=\"1608\">ADISA certification<\/strong> \u2014 independent UK auditing of our end-to-end ITAD service<\/li>\n<li data-start=\"1670\" data-end=\"1725\"><strong data-start=\"1670\" data-end=\"1683\">DIN 66399<\/strong> \u2014 certified shred sizes for HDDs and SSDs<\/li>\n<\/ul>\n<p data-start=\"1727\" data-end=\"1853\">This means you get full compliance, audit-ready evidence, and peace of mind \u2014 without having to decode the standards yourself.<\/p>\n\t<div id=\"gap-1132746646\" class=\"gap-element clearfix\" style=\"display:block; height:auto;\">\n\t\t\n<style>\n#gap-1132746646 {\n  padding-top: 30px;\n}\n<\/style>\n\t<\/div>\n\t\n\n<hr>\n<p data-start=\"149\" data-end=\"337\">There\u2019s a lot of jargon around data destruction, but at its core, it comes down to one simple thing: <strong>you need to be able to prove your data is gone, and that it can never come back.<\/strong><\/p>\n<p data-start=\"339\" data-end=\"556\">Working to recognised standards takes away the guesswork. It protects your organisation from data breaches, satisfies auditors and regulators, and gives you confidence that old devices won\u2019t become a future liability.<\/p>\n<p data-start=\"558\" data-end=\"724\">At Secure ITAD, we build those standards into everything we do \u2014 so you can get on with your work, knowing your data is handled safely from collection to destruction.<\/p>\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":7707,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[76],"tags":[],"class_list":["post-7690","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"_links":{"self":[{"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/posts\/7690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/comments?post=7690"}],"version-history":[{"count":24,"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/posts\/7690\/revisions"}],"predecessor-version":[{"id":13678,"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/posts\/7690\/revisions\/13678"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/media\/7707"}],"wp:attachment":[{"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/media?parent=7690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/categories?post=7690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.secure-itad.com\/fr\/wp-json\/wp\/v2\/tags?post=7690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}