This is a detailed comparison between TechR2 and other vendors who perform fully compliant media storage security and data / information eradication services. There are companies that provide segments of TechR2’s services, but we are confident that no other company provides the comprehensive, A-to-Z, full compliance media security / data / information eradication solution that TechR2 provides. TechR2’s patented method serves to address what is otherwise (we believe) a flawed process for media retention throughout our industry.
Consider the following points which we believe differentiate and set TechR2 far apart from any other vendor in the industry:
- TechR2 is the only company in the industry that has been awarded a patent (U.S. Patent 9,430,654) for its comprehensive Track-Contain-Destroy process. TechR2’s patent recognizes the unique process that TechR2 has developed to fully protect its business partners from data breaches that might otherwise result from mismanaged loose data-bearing devices.
TechR2’s information security patented process is unmatched in the industry and, more specifically:
- TechR2’s process implements an intricate RFID system that tags each device and communicates with TechR2’s proprietary software to track every move of said devices via TechR2’s client-accessible web portal. No device (or data contained on the device) is permitted to leave the facility without real time, immediate alert.
- TechR2 representatives train and certify company managers, technicians and quality control personnel to ensure compliance with the TechR2 solution.
- A TechR2 Appliance holds the devices and, once filled to capacity, two (2) TechR2 highly trained technicians are dispatched to reconcile the block of devices with the data contained within each. TechR2 employs a two (2) technician (sanitizer and verifier) method that fully complies with NIST 800-88 r1 mandates – mandates that we find most other vendors in our industry commonly ignore.
- Once scanned, audited and reconciled (to ensure nothing falls through the cracks), the data is completely and irretrievably eradicated utilizing NSA certified degaussers – on site within the 4 walls of the facility. Again, the data never leaves the control of the organization which is also a NIST 800-88 r1 requirement. If a loose data bearing device leaves our client’s facility, TechR2 technology triggers a notification requiring immediate risk assessment.
- Then, and only then, are the resulting “technology corpses” removed from the client’s facility and responsibly disposed of in a manner consistent with all EPA standards, and in accordance with TechR2’s Zero Landfill Policy.
- TechR2 then issues an Audit Report and a Certificate of Destruction which, again, meets all NIST 800-88 r1.
- As stated – TechR2 had developed and fully utilizes proprietary asset management software through which clients have unlimited access. Among other things, customers have access to:
- Customer reports – including device tracking along with audit and reconciliation reports
- Green reports – the client’s carbon footprint report
- Certificates of Destruction – to confirm compliance with applicable regulations and industry standards
- TechR2 has earned and maintained multiple rigorous ISO and other industry certifications. In fact, TechR2 may be the only vendor in the industry that matches IBM ISO certifications in this regard. The following certifications help to define TechR2’s superior standing as compared to other vendors in the industry:
- ISO27001 Certification – Information Security Management System (Global)
- ISO14001 Certification – Environmental Management System (Global)
- ISO9001 Certification – Quality Management System (Global)
- ISO45001 Certification – Occupational Health and Safety Assessment Series
- WBE and WOSB (woman owned business certifications)
- MBE (minority owned business certification – pending)
- TechR2’s patented process is fully compliant with local, state, federal and international regulations – including HIPAA, HITECH, PCI, SOX, GLBA, Federal Financial Institutions Examination Council Handbook, et al. – and exceeds industry standards and best practices. TechR2’s process also meets NSA/CSS data sanitation guidelines and far exceeds NIST and NAID guidelines. Many other vendors tout that they are NAID AAA certified – but in our opinion such certification does not on its own evidence compliance with NIST 800-88 guidelines, or the myriad of other applicable regulations. TechR2 covers them all.
- TechR2 is well-versed and has full wipe capability with regard to IBM storage servers, such as XIV, DS8000 series, DS6800 and TS7700.
- TechR2’s process includes secure transport abilities.
- TechR2 provides services locally, nationally and internationally – and is well-versed with business partnerships.
- As you know – the General Data Protection Regulation is looming. TechR2 is well aware of GDPR, we understand GDPR and we are on top of it. Our process and global ISO certifications fully comply with the mandates of GDPR and set TechR2 far apart from anyone in the industry in this regard.
- TechR2 guarantees its services and adequately insures against any breach of data while under TechR2’s control. To date, TechR2 has never allowed a breach of data under TechR2’s control.
Nobody in our industry provides the comprehensive, fully compliant, complete A-to-Z solution that TechR2 offers – nor can they
In sum – here is a “Top 10” of what sets TechR2 apart from anyone else in the industry:
- Patented process – the only of its kind in the industry
- RFID tagging combined with proprietary software – we are not aware of any better
- A training program that ensures business partner personnel adhere to strict protocol – you would be hard-pressed to find a vendor that takes such time and interest in its business partner.
- On-site data eradication (on-site is a key component) – as opposed to shredding in the parking lot or “securely” shipping devices and their data – not only do we not believe devices and their data can be fully securely shipped – be we believe that once the data leaves the 4-walls of an organization’s facility – all control is lost and there is no way to affirmatively and unequivocally attest that there has not been a breach
- Secure and environmentally sound transport of device corpses after data cleansing – Zero Landfill Policy
- ISO and Industry certifications – we have not seen any other vendor that has earned the certifications that TechR2 has earned and maintains
- Such certifications are national and global – TechR2 can step up globally without concern of overseas business partners – not many vendors, if any, can say the same
- TechR2 is privately owned, woman owned, and minority owner
- TechR2 is experienced with dealing with IBM manufactured devices
- TechR2 is prepared for full compliance with GDPR