The Highest Standard of Data Destruction
Defence and military IT asset destruction represents the most stringent end of the data destruction spectrum. The information stored on defence systems, including operational plans, intelligence data, weapons system parameters, communications intercepts, and personnel security files, could cause serious or exceptionally grave damage to national security if compromised. The destruction standards applied to defence IT equipment reflect the severity of these consequences.
For organisations in the defence supply chain, understanding and meeting these requirements is a prerequisite for doing business with the Australian Defence Force (ADF) and the Department of Defence.
Classification and Sensitivity
Defence data is classified under the same Australian Government classification system (OFFICIAL through TOP SECRET) but often sits at the higher end of the scale. Much defence data is classified as PROTECTED, SECRET, or TOP SECRET, with each level carrying progressively more demanding destruction requirements as specified in the Australian Signals Directorate’s Information Security Manual (ISM).
Additionally, some defence data carries caveats that restrict its distribution to specific communities (such as AUSTEO for Australian Eyes Only, or specific coalition caveats for data shared with allied nations). These caveats may impose additional handling and destruction requirements beyond those specified for the base classification level.
ISM Requirements for Defence Media Destruction
The ISM specifies destruction methods based on both the classification level and the type of storage media.
For magnetic hard drives at the SECRET and TOP SECRET levels, the ISM requires physical destruction that renders the platters irrecoverable. This typically means shredding to a particle size of 6mm or less, or incineration at approved facilities. Degaussing alone is not considered sufficient for SECRET and above; it must be followed by physical destruction.
For solid-state drives at these classification levels, the ISM requires physical destruction that reduces the NAND flash chips to a size that prevents chip-level recovery. The target particle size for SSD destruction is typically smaller than for HDDs due to the density of data stored on individual flash chips.
For optical media, physical destruction through shredding or incineration is required. For magnetic tape, degaussing followed by physical destruction is the standard approach.
At the PROTECTED level, the ISM permits some software-based sanitisation methods for media being reused within the same security domain, but requires physical destruction for media leaving the domain or being disposed of.
The Defence Industry Security Program
The Defence Industry Security Program (DISP) is the framework through which the Department of Defence manages the security of classified information held by defence industry contractors. DISP membership is required for organisations that need to access or handle classified defence information.
DISP members must maintain security plans that include procedures for IT asset disposal. These procedures must align with the ISM and any additional requirements specified in the Defence Security Principles Framework (DSPF). DISP audits assess compliance with these requirements, and non-compliance can result in the suspension or revocation of DISP membership.
Witnessed Destruction
For classified defence data, destruction is typically witnessed by an authorised representative of the Defence organisation or by a security officer from the contracting organisation. The witness verifies that the correct items were destroyed, that the destruction was thorough, and that no material was diverted or retained.
Witnessed destruction records must include the identity of the witness, the date, time, and location of destruction, a list of all items destroyed with serial numbers, the destruction method used, and photographic evidence (where permitted by security requirements). These records are retained as part of the organisation’s security documentation and may be reviewed during DISP audits.
Personnel Clearance Requirements
All personnel involved in the handling and destruction of classified defence material must hold the appropriate security clearance. For PROTECTED material, a Negative Vetting Level 1 (NV1) clearance is required. For SECRET material, Negative Vetting Level 2 (NV2) is required. For TOP SECRET material, a Positive Vetting (PV) clearance is required.
Third-party destruction providers must have personnel with the necessary clearances and facilities that are accredited for handling classified material at the appropriate level. The provider must also be a DISP member if they are handling classified defence information.
Facility Requirements
The facility where classified defence IT equipment is stored and destroyed must meet physical security requirements commensurate with the classification level. This includes perimeter security (fencing, access controls, intrusion detection), room security (alarmed, access-controlled areas for classified material), CCTV coverage with appropriate recording retention, and secure waste handling for destroyed material.
For the highest classification levels, the destruction facility itself may need to be accredited by Defence security authorities. The accreditation process verifies that the facility meets all physical and procedural security requirements for handling classified material.
Specific Equipment Considerations
Defence environments use specialised IT equipment that requires particular attention during disposal. Tactical communications equipment, including radios and encryption devices, may contain cryptographic key material that must be zeroised before physical destruction. Command and control systems may have data distributed across multiple components and subsystems. Weapons system computers may contain classified technical parameters and targeting data. Intelligence processing systems may hold information at the highest classification levels.
For these specialised systems, the Department of Defence or the relevant defence agency will typically provide specific disposal instructions tailored to the equipment type and classification level.
Defence data destruction leaves no room for compromise. The standards are demanding because the consequences of failure are severe. Organisations that handle defence data must invest in the people, processes, and facilities needed to meet these standards consistently.