New DIN 66399 Shredder Security Levels

by | Wednesday, August 21, 2013 7:48:00 PM | 0 comment(s)

Top-Level security in shredding all types of different data carriers

The new DIN 65399 replaces DIN 32757 and for the first time divides data destruction into three protection classes, six material classifications and seven security levels.

3 Protection Classes

To determine the security requirement, check which kind of data needs destroying. This gives you a classification in one of the three protection classes.

6 Material Classifications

For the first time, DIN 66399 defines different material classifications that indicate the type of data carrier you are destroying.

7 Security Levels

Instead of the previous 5, the new DIN 66399 now defines 7 security levels for each material classification. As hitherto, the higher the security level, the smaller the particle size the data carriers will be shredded into.

The protection classes in detail

The protection classes define the protection requirement for data and classification into the appropriate security level.

Protection class 1:
Normal security requirement for internal data intended for and accessible to
fairly large groups. Unauthorized disclosure would have a limited negative impact
on the company. Protection of personal data must be ensured. There would otherwise be a risk to the position and financial situation of the person affected.

Protection class 2:
High security requirement for confidential data restricted to a small group of persons. Unauthorized dissemination would have a considerable effect an the company and could violate contractual legal obligations or legislation. The protection of personal data must meet strict requirements. There would otherwise be a considerable risk to the social standing and financial situation of the individual affected.

Protection class 3:
Very high protection requirement for particularly confidential and secret data restricted to .a very small and named group of persons with access authorization. Unauthorized dissemination would have serious consequences for the company (threatening its livelihood) and may violate professional secrecy, contracts or legislation. The protection of personal data must be ensured at all cost. Otherwise the life and limb or personal freedom of the individual. affected may beat risk.

Classification
Security levels / protection classes
1 2 3 4 5 6 7
Protection Class 1
Protection Class 2
Protection Class 3

† This combination is not recommended for personal data

Material classifications at a glance

In addition to paper, DIN 66399 covers 5 other data carriers that are classified accordingly. Here’s a summary of them all:
P- Information shown in original size, e.g. paper, films, printed forms.
F – Information shown in reduced form, e.g. microfilms, transparencies.
0- Information on optical data carriers, e.g. CDs/ DVDs.
T – Information on magnetic data carriers, e.g. ID cards, floppy disks.
H -Information on hard drives with magnetic data carriers.
E -Information on electronic data carriers, e.g. USB sticks, chip cards.

The security levels for information shown in original size

The seven security levels in the new DIN 66399 provide effective protection in destroying all kinds of data carriers. As paper-based data carriers are still the ones most frequently destroyed, please find below the seven security levels for the “Information shown in original size” classification, e.g. paper:

p-1 security level P-1

 

  • Recommended, for example, for data carriers holding general data to be rendered illegible
  • Max. material particle size 2000 mm² (or 3 3/32”²) or max. strip width 12 mm, strip length not limited
  • Shredded data can be reproduced without special equipment and special knowledge but not without involving a particularly time-consuming process
p-2 security level P-2

 

  • Recommended, for example, for data carriers holding internal data to be rendered illegible
  • Max. material particle size 800 mm² (or 1 15/64”²) or max. strip width 6 mm, strip length not limited
  • Shredded data can be reproduced with equipment and only in a particularly time-consuming process
p-3 security level P-3

 

  • Recommended, for example, for data carriers holding sensitive, confidential and personal data
  • Max. material particle size 320 mm² (or 1/2”²) or max. strip width 2 mm, strip length not limited
  • Shredded data can only be reproduced with considerable effort
p-4 security level P-4

 

  • Recommended, for example, for data carriers holding particularly sensitive, confidential and personal data
  • Max. material particle size 160 mm² (or 1/4”²) and for regular particles: max. strip length 6 mm
  • Shredded data can only be reproduced using equipment not normally available commercially or special constructions
p-5 security level P-5

 

  • Recommended, for example, for data carriers holding confidential information
  • Max. material particle size 30 mm² (or 3/64”²) and for regular particles: max. strip length 2 mm
  • Shredded data unlikely to be reproduced with the state of the art
p-6 security level P-6

 

  • Recommended, for example, for data carriers holding confidential information demanding an exceptionally high level of security
  • Max. material particle size 10 mm² (or 1/64”²) and for regular particles: 14 max strip length 1 mm
  • Shredded data cannot be reproduced with the state of the art
p-7 security level P-7

 

  • Recommended, for example, for data carriers holding strictly confidential information demanding the highest security precautions
  • Max. material particle size 5 mm² (or 0.008”²) and for regular particles: max. strip length 1 mm
  • Shredded data cannot be reproduced with the current state of science and art

Machine-Solution.com
We enjoy helping our customers each and every day.

COMMENTS (must be logged in to post comments) Login