Secure deletion | Fluid Attacks Help

Secure deletion

Fluid Attacks uses AWS cloud infrastructure for data storage. Our secure deletion process for cloud-based information follows AWS's validated secure deletion procedures, in compliance with ISO/IEC 27017:2015 and ISO/IEC 27018:2019:

  1. Standard Deletion: When data is deleted through AWS services (e.g., S3), AWS executes its documented deletion processes, which prevent data recovery.
  2. AWS Secure Deletion Standards: AWS follows NIST 800-88 guidelines for media sanitization. When storage media reaches end-of-life, AWS uses techniques detailed in DoD 5220.22-M or NIST 800-88 to render data unrecoverable.
  3. Cryptographic Deletion: For encrypted data (which we mandate), deleting the encryption keys renders the data permanently inaccessible, even if remnants of it persist on the storage media.
  4. AWS Shared Responsibility Model:
    1. AWS (CSP, the cloud service provider): Secure disposal of physical storage media, validated sanitization procedures, and compliance with ISO 27001/27017/27018.
    2. Fluid Attacks (CSC, the cloud service customer): Logical deletion of data objects, encryption key management, retention policy enforcement, and deletion verification.
  5. Verification: We maintain deletion logs from AWS CloudWatch and CloudTrail showing deletion timestamps and actions performed.
  6. AWS Compliance Certifications: AWS maintains ISO 27001, ISO 27017, ISO 27018, SOC 2, and FedRAMP certifications, which include validated secure disposal procedures audited by third parties.
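As an added example (not Fluid Attacks' own tooling), a verifier for the deletion evidence described in steps 3 and 5: it walks CloudTrail records for S3 object deletions and KMS key-deletion scheduling and reports only deletions that actually took effect. The record layout follows CloudTrail's, but the events are constructed sample data, and the bucket, key ID, account ID and role names are placeholders.

```python
from datetime import datetime, timedelta, timezone

# Constructed CloudTrail records (sample data, not real logs): a successful S3
# object deletion, a denied one (CloudTrail adds errorCode), and a KMS key
# deletion that is only scheduled. Account, bucket and key IDs are placeholders.
SAMPLE_EVENTS = [
    {"eventTime": "2024-05-02T10:15:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "DeleteObject", "userIdentity": {"arn": "arn:aws:iam::111122223333:role/retention-job"},
     "requestParameters": {"bucketName": "reports-bucket", "key": "client-a/2023.pdf"}},
    {"eventTime": "2024-05-02T10:16:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "DeleteObject", "errorCode": "AccessDenied",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/analyst"},
     "requestParameters": {"bucketName": "reports-bucket", "key": "client-b/2023.pdf"}},
    {"eventTime": "2024-05-02T11:00:00Z", "eventSource": "kms.amazonaws.com",
     "eventName": "ScheduleKeyDeletion",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:role/retention-job"},
     "requestParameters": {"keyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID",
                           "pendingWindowInDays": 7}},
]

# Calls that remove data or its key. S3 object-level calls are CloudTrail data
# events, so object logging must be enabled on the bucket for them to appear.
DELETION_EVENTS = {"s3.amazonaws.com": {"DeleteObject"}, "kms.amazonaws.com": {"ScheduleKeyDeletion"}}

def _ts(s):
    """Parse a CloudTrail eventTime (UTC) into an aware datetime."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def deletion_log(events):
    """One evidence entry per successful deletion call. Failed calls are skipped
    (nothing was deleted); a scheduled KMS key deletion stays 'pending' for its
    waiting period, during which the key, and so the data, is still recoverable."""
    log = []
    for ev in events:
        if ev["eventName"] not in DELETION_EVENTS.get(ev["eventSource"], ()) or "errorCode" in ev:
            continue
        when, p = _ts(ev["eventTime"]), ev["requestParameters"]
        if ev["eventSource"] == "kms.amazonaws.com":
            entry = {"resource": p["keyId"], "status": "pending",
                     "effective": when + timedelta(days=p["pendingWindowInDays"])}
        else:
            entry = {"resource": f"s3://{p['bucketName']}/{p['key']}",
                     "status": "deleted", "effective": when}
        entry.update(actor=ev["userIdentity"]["arn"], requested=when)
        log.append(entry)
    return log

def verify_deleted(events, resource, now_iso):
    """True only if a successful deletion of `resource` is effective by `now_iso`."""
    return any(e["resource"] == resource and e["effective"] <= _ts(now_iso)
               for e in deletion_log(events))
```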

Laptops

When a talent leaves the company, their computer is locked through our MDM (Mobile Device Management) solution on their last day of work. Once the device is physically in our possession, a secure deletion process is completed as follows:

  1. The device is selected in the MDM console
  2. The Erase device command is chosen
  3. That command is executed

Several actions are performed on the device when the command is executed:

  • Sign the end user out of all Apple services, such as iCloud
  • Remove fingerprints from Touch ID
  • Unpair Bluetooth accessories
  • Turn off Find My Mac and Activation Lock
  • Erase apps, data, and user settings
  • Erase all other volumes, including system volumes, using BOOTCAMP

It is unnecessary to physically destroy the hard drives of devices that have successfully completed the data erasure process through the MDM.

Mobile phones and tablets

The process described above also applies to these devices. All SIM cards must be removed before disposal, and data on any memory cards in the unit must be erased.