Services

Why is SCC Technology Refurbishment and Disposal Centre the solution of choice by socially responsible and regulatory compliant customers:

1. Introduction: In today’s world there is an increasing demand for products that erase and overwrite data permanently from computer hard disks. This is due to the fact that computers are in use for shorter period of time, and that leasing and renting workstations is increasing. This progress increases the risk of confidential data on the computer hard disks falling into wrong hands when reused. Our Neo Park Security provision is made to protect:
    

• Clients data and equipment
• Legal compliance for customers and SCC
• 100% secure data destruction ensures compliance with FISMA, HIPAA, SOX, FACT ACT and GLBA.
• Approved software with Certifications, referrals or confirmations from CESG, NSTL, TUV, NSM, USA DoD and NATO
• Protected data of clients and organisations and SCC IT equipment

2. Client Feedback and Assessment: In continuing to provide services to clients in all sectors of our economy, we welcome customer feedback and on-site assessment from clients to strengthen our mutual security
    
3. Our legal obligations: Removal of confidential data when the used computer is passed on to another organisation is a legal requirement under the Data Protection Act 1998. As well as making obvious sense where the data is classified or commercially confidential. Failure to eradicate data can not only render the data creator liable for a fine but could also include the costs of remedying the breach, which may run into a significant cost.
    
4. Data Erasure process: Today SCC is the only facility in the UK to have TRUE recycling, data erasure, remarketing & secure HDD destruction all under one roof within the same facility. This is further strengthened with an UK field service engineering force in excess of 800 heads. Guaranteed data destruction and bespoke solutions tailored to support any of the approved erasure patterns:
    

• Air Force System Security Instructions 5020
• Bruce Schneier's algorithm
• BSI (German overwrite standard by Federal Office for Information Security)
• German Standard VSITR
• HMG Infosec Standard No: 5 (baseline) [Note! Certified versions: 4.8 HMG and 3.7r1]
• HMG Infosec Standard No: 5 (enhanced) [Note! Certified versions: 4.8 HMG and 3.7r1]
• Navy Staff Office Publication (NAVSO P-5239-26) for RLL
• NSA (Overwrite standard by National Security Agency)
• OPNAVINST 5239.1A
• Peter Gutmann's algorithm
• The National Computer Security Centre (NCSC-TG-025)
• U.S. Department of Defence Sanitizing (DOD 5220.22-M, DOD 5220.22-M ECE)
• US Army AR380-19
• NIST 800-88/ATA secure erase
• Extended NIST 800-88

Fully integrated recycling solution, with the flexibility to create a dedicated data erasure solution that conforms with (IL6) of the HMG Infosec 5 Standard Manual “S”. A pool of Technically competent and SC security cleared staff that are able to process any IT equipment that is presented. All stock is processed via a Conveyor system to control linear production flow & ensure SLA driven targets. SCC also has the ability to switch to 24/7 operation when required to deal with bulk deliveries. We also have extensive capabilities to offer a secure on site data erasure solution, that conforms with (IL6) of the HMG Infosec 5 Standard Manual “S”. Providing data erasure certification and asset management reports against products processed.

Physically Defective Hard Disk drives: Where hard disk drives are found to be physically defective and the data erasure process is unable to be initiated, The drives are recorded and securely stored to follow a data de-classification process. The procedure is processed via UK Government approved equipment and Secure HDD & DLT granulation to 3mm. This process destroys the hard disk drive and renders data retrieval impossible.

5. Recycling: SCC also operates a zero landfill policy around recycling IT equipment with processes that are guided against Best Available Treatment Recovery and Recycling Techniques (UK) BATRRT and pre-treatment prior to shredding. Our recycling processes are guided by the WEEE Directive & RoHS compliancy and are also an AATF.
    
6. Traceability and Identification: SCC currently conforms to the following accreditations that help form control points and audit trails designed keep tight controls around stock movements.

• Lloyds ISO 9001:2000 (Quality Management System)
• Lloyds ISO 27001:2005 (Information Security Management System)
• CESG HMG Infosec 5 Standard Manual “S”

7. Equipment in transit Security: Best practices that consistently result in performance improvements for customer peace of mind. Today’s regulatory environment now associates direct regulatory and financial consequences when sensitive data is compromised. Lost data is subject to disclosure on a variety of fronts – personal, financial, health information – with resulting damages to brand, reputation and potentially stock value.
   Dedicated Transportation provides customers separate vehicles and transportation routes – ensuring that their information is not co-mingled with other customers’ media. Long distance and special project transportation are available to meet extra requirements beyond a customer’s existing contract for Dedicated Transportation.
   Before collection our account teams verify with clients what equipment is being collected. An itemised collection advise inventory is produced with client representatives that validate and check the load before the collection leaves the site. Vehicle load doors are secured for point A to B delivery
   
   
8. Mobile phone security: Tailor made solution to securely recycle your mobile phones whilst generating revenue. Secure phone erasure/flash process to remove stored data and personal information. Global due diligence service around stolen or blocked mobile phones.
    
9. Risk Assurance: Certifications to International Standards: External governing bodies verify SCH’s processes and management systems meet and exceed standards suited against current services offered.
   - Lloyds ISO 9001:2000 (Quality Management System)
   - Lloyds ISO 14001:2004 (Environment Management System)
   - Lloyds ISO 27001:2005 (Information Security Management System)
   - UK Government approved equipment
   - WEEE Directive & RoHS compliant and an AATF
   - Compliant with HMG Infosec 5 Standard Manual “S”
    
10. People Security: Data breaches seem to be getting more common, and soon they could get more costly. At least one security analyst predicts that a breach will bankrupt a high-profile company. Our pro active approach to this is to screen all staff when employing operational personnel who come into contact with data bearing equipment. SCC's screening involves the following:
     

• Identity Check
• Right to work / Nationality Check
• Residency Check
• Employer's References
• Police checks - All staff
• Financial Sanctions Database check
• Many full time staff also hold additional security clearances
   

11. Physical Site Security: The goal is to help achieve a secure working environment for employees and other persons working at or visiting our facilities and to help establish processes to ensure the protection of intellectual assets and protection of all site facilities.
     

• Data Bearing equipment is stored and processed within the Neo Park facility.
• Neo Park operates access control locks within the facility to limit access within the site.
• Neo Park facility operates with physical on site security monitoring stations
• Closed Circuit Digital Television (CCTV) cameras cover all access areas and egress
  To and from the site, plus covering all internal areas within the facility
• Site perimeter fences are secured all around the facility, incorporating 2 meter high palisade fencing.
• Internal gates and fencing are also installed around the delivery docking ports for added security.
• SCC staff are trained to identify, report and challenge unknown persons on-site.
• Physical staff searches are maintained on all staff entering and leaving the premises.
• Random physical security and Incident response assessments conducted.