An In-depth Look at Shredder Security Levels
Here at Whitaker Brothers, we have noticed there is a lot of confusion surrounding the 7 levels of shred size. Where there once were 6, there now are 7 levels, and the transition is catching some people off guard. Various government bodies and individual companies alike are increasingly referring to paper shredders in terms of these levels. We're breaking down the 7 levels for the destruction of “P” materials, or paper-based materials.
New vs. Old Shred Level Standards
As of August 2012, there were 6 data destruction levels for paper-based documents. September 2012 rang in a new set of standards, the DIN 66399, which usurped the old standards of the DIN 32757. The new standards, created by the German Deutsches Institut für Normung, split two of the old levels, 4 and 6, leaving 7 levels of specifications for the destruction of six types of materials.
Many U.S. bodies have regulations that encompass shredding (the NSA and the Department of Commerce are just two), but deciding to what P-level a document should be shredded is still the responsibility of each individual company. Remember, it is always a good idea to talk with your security officer about the proper disposal of media for your company.
Why do American data destruction companies use German standards?
We use the German levels for several reasons.
The DIN 66399 provides very detailed information. For each level, there is a maximum area and width of the shred particle and verbiage detailing what sensitivity of information ought to be destroyed to what level. Though the levels refer to different sizes of shred and not to different types of machines, the clear distinction between levels makes it possible to classify machines as P-7, P-3, etc. based on what particle they create.
Germany holds the market on office duty shredders. Most of the office duty shredders sold in the United States are manufactured in, and imported from, Germany. Naturally, the German government would have an incentive to create its own high quality standards for data destruction.
The German standards are neatly contained in one document. U.S. government standards, however, are not contained neatly in one document like the DIN 66399. Before the most recent DIN, there was much less consensus on levels. For the whole picture according to the NSA/CSS, you have to look at the Evaluated Product List (EPL) for shredders and disintegrators, and the Storage Device Declassification Manual. These documents address the destruction of all media together, meaning sometimes the standards for different types of media overlap. Comparatively, the DIN is a well-organized document that echoes what the international community generally thinks data destruction standards should be, not only for paper, but also for five other types of media.
What is the significance of the “P” prefix?
The DIN neatly attaches a letter to each of the seven security levels in order to distinguish the different destruction standards for each type of data carrier (paper, film, CDs, etc.). Below is an in-depth explanation of the security levels for shredding paper documents, P-1 through P-7.
The 7 “New” Levels of Shredding Paper
P-7 (The old level 6)
P-7 shredders are the most advanced available, and the only shredders to satisfy NSA requirements for the destruction of secret and top secret data.
What is this mysterious P-7? Due to advances in technology, the ability to recover microscopic print has driven the NSA to create an even tighter classified destruction standard. In order for a machine to be labelled P-7, the area of the particle it expels must be half the size of a P-6 particle, or 5 mm². More importantly, the width of the miniature shredded rectangle must be less than 1 mm. This minuscule size ensures that no more than 4 characters on microfilm may be distinguished.
As far as recreating the data? Impossible. In the future, someone may invent technology capable of re-formulating media from particles the size of grains of rice, but at this moment in time no one has. When someone finally does, rest assured, there will be no dispute over why someone would purchase this technology, which in itself should provide a method of security.
P-7 shredders are used to destroy classified documents including secret and top secret documents dealing with Communications Security (COMSEC), Secure Compartmentalized Information (SCI), and Special Access Programs (SAP). This is the level of shredder found in SCIFs.
It is important to keep in mind that the sophisticated crosscut head of a P-7 shredder allows a low throughput. Generally, the most heavy duty machines for paper-based products are only capable of handling around 10 sheets per pass. Paperclips and staples are the kryptonite of the high security shredder--even one can break the blade leaving the shredder useless until fixed.
It is also important to note that there are many P-7 shredders out there, but only some have been evaluated by the NSA and placed on the EPL. Only EPL-listed high security shredders can be used to destroy classified documents.
Level P-6 (formerly level 5)
P-6 shredders are complex crosscut shredders that are decreasing in popularity.
The P-6 is the old level 5. Years and years ago, level 5 satisfied the requirements for destroying top secret data, but no longer. P-6 is now essentially obsolete, and has been replaced by P-7. A P-6 shredder does not produce a particle small enough to comply with the NSA regulations for the destruction of classified data. P-6 shred particle size is almost exactly the same as the old level 5’s shred particle (there is a difference of ¼” in length). Although P-6 is no longer supported by the EPL, some high security conscious organizations do still opt to use this shred size because of familiarity with the old specifications, and for peace of mind.
Level P-5 (formerly level 4)
P-5 shredders are ideal for sensitive, but not classified information.
With the introduction of P-4, the old level 4 is now the new P-5. We see this machine becoming more and more popular in the future, what with advances in technology that make reformulating strip cut particles possible in a matter of minutes. Though a P-5 shredder does not create particles small enough to validate shredding classified documents, it is appropriate for shredding social security numbers and other data of this sensitivity. This machine would be useful for a CEO who is particularly protective of his paper documents, but for the average office, a higher throughput shredder could be a more sensible approach. P-5 shredders are also often used to destroy Personally Identifiable Information (PII) and Controlled Unclassified Information (CUI). When considering a P-5 shredder, it’s important to think about volume. Often with shredders, increasing security means decreasing productivity: the smaller the particle, the lower the throughput. Keep this in mind if you will need to destroy many documents at once.
NEW! Level P-4
A relatively simple crosscut shredder creates P-4 sized shred.
P-4 is supposedly a “new” level, but it actually encompasses a subset of shredders considered to belong under the old level 3: basic crosscut shredders. Adjusting for the change in standards, this is the most popular shredder we sell. If HIPAA is revised, we imagine this shredder will become even more popular. The boundary between P-3 and P-4 is marked by a transition in particle size. Crosscut shredders provide an extra level of security in the shape of their particles: instead of long strips in a neat pile, crosscut shredders create a tossed salad of irregularly-sized paper pieces, making reconstruction extremely difficult. P-4 crosscut is noticeably smaller than P-3’s coarse crosscut. Though throughput is diminished with the use of a crosscut shredder head, data security is increased due to the smaller residue. Another positive to note is that the small volume of the shred means the receptacle needs to be emptied less often.
Level P-3
P-3 shredders most often produce a rough strip cut or sometimes a very thin strip cut shred that satisfies HIPAA regulations for destroying Protected Health Information (PHI).
A P-3 shred is the most popular size that satisfies not only FACTA, but also HIPAA, the Health Insurance Portability and Accountability Act. HIPAA is an exercise in civil rights that requires your medical records be reduced to pencil-sized slivers, should your medical history be deemed unnecessary to keep. If you switch doctors, the old office is required by the Department of Health and Human Services to destroy the old documents with at least a P-3 shredder.
A P-3 sports the highest throughput and the biggest particle size that still satisfies HIPAA regulations. As of the date this article was published, HIPAA requires at least a P-3, but we suspect the regulations may change in the future to reflect the change in security levels. Then, a P-4 will be the minimum level for HIPAA. But if following current government regulations regarding consumer data is your only concern, and the information you handle is not classified, this is the only shredder you need now. Many companies are choosing to upgrade to at least a P-4 shredder anyway because it presents a more difficult challenge for identity thieves.
Level P-2
A P-2 shredder produces a strip cut particle that is smaller in width than that of a P-1 shredder.
A P-2 machine has the same mechanism as a P-1 shredder, except the strips are smaller in width. Smaller strips are more difficult to piece together, which provides for more secure data destruction. Still, the relatively thick shred size means that names, figures and phone numbers may still be legible without too much reconstruction. Although a P-2 is more secure than a P-1, we normally recommend using at least a crosscut shredder (which starts at level P-3) to destroy any document or media containing personally identifiable information.
Level P-1
P-1 is the lowest level of paper destruction, ideal for paper volume reduction and recycling. It is characterized by a wide strip cut particle.
All companies that need to dispose of consumer credit card information are required by the Fair and Accurate Credit Transactions Act (FACTA) to destroy information with at least a P-1 shredder. The rule states,
“Any person who maintains or otherwise possesses consumer information for a business purpose must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal”.
After this passage, the document lists several examples of proper data disposal, including shredding. This regulation leaves it up to the information handlers to decide what the “reasonable” level of destruction should be for their data. We would suggest at least a P-4 crosscut shredder for the destruction of consumer credit card information, in order to prevent the documents from being reconstructed easily.
Though frustrating and time consuming, it is still relatively easy to piece together paper strips from a strip cut shredder, compared to particles from a crosscut shredder. Level 1 shredders are best suited for large scale paper recycling: newspapers, phone books etc. Because of the simplicity of the shredder head, throughput is very high. P-1 shredders reduce paper volume quickly and efficiently.
We hope this in-depth explanation of each of the 7 data security levels makes it easier for you to decide which shredder you should include in your office. Remember, it is ALWAYS better to do as much of your data destruction as possible in-house. Mobile shredding companies may provide an alternative to adding a shredding machine to the budget, but contracting away your data destruction can potentially present a huge security risk.