Body
Overview
In order to reduce the risk of unauthorized access to data stored on hard drives, and removable media, it is important to thoroughly sanitize media before it is re-used by another unit, or leaves the university. This article describes the recommended process to sanitize media.
These guidelines are approved to support OIT Standards and Policies, including:
For assistance with device disposal:
Technology Equipment Surplus
Delete, or wipe?
Deleting a file, such as by emptying the recycle bin, does not actually remove the data from the drive. The data remains in "unallocated space" and could still be recovered using tools that are readily available on the internet. Wiping a file, however, completely overwrites the data on the drive so that it cannot be recovered.
Re-use of media
Sometimes a device will be re-used by another individual within the university, or perhaps sent to surplus where it could be sold to someone external to the university. The storage medium, such as a hard drive or a removable drive, should be sanitized before the device is transferred so that residual data is not left on the drive.
Securing media prior to disposal or re-use
It is critical that while devices or media are waiting to be wiped or destroyed, or in transit, that they be kept secure so that they cannot be accessed inappropriately. This includes:
- Storing in a powered-off state
- Storing in locked cabinets and/or locked rooms with limited access
- If the device needs to be packaged for shipment, take a picture of the devices and box, and only ship on a carrier with delivery certification and insurance (signature required)
- If transported in a vehicle, boxes should be sealed and obscured, in a locked vehicle only for the shortest time necessary
- Limit the time devices will be stored before wipe to as short as reasonable to prevent theft or loss
Process
Media |
Process |
Hard Drives
- Internal magnetic hard drives (laptop or desktop computers)
- External magnetic hard drives
|
- Overwrite the data on the drive with a minimum of one pass of all zeros or per NIST 800-88. DBAN has been approved for this purpose.
- Record the serial number of the device with the wipe method and its confirmation in a ticket
Alternatively:
- If the device will not be re-used, the device should be destroyed
- Use one of the ATA Sanitize Device feature set commands, if supported
- Use the ATA Security feature set's "SECURE ERASE UNIT" command, if supported
See How do I erase my Hard Disk Drive? for more information and steps for using DBAN.
|
Solid State Drives
- Internal solid state hard drives (laptop or desktop computers)
- External solid state hard drives
|
- Overwrite the data on the drive with a single pass consisting of a fixed value, such as all-zeros
- Use the ATA Security feature set's
SECURITY ERASE UNIT command if supported
- Record the serial number of the device with the wipe method and its confirmation in a ticket
Alternatively:
- If the device will not be re-used, the device should be destroyed (Note: current UI crusher is insufficent for SSD)
- Use the ATA Sanitize command, if supported (block erase, cryptographic erase)
- For NVMe SSDs, use the NVM Express Format command, if supported
- ActiveKill software has been approved for disk wipe.
See How do I erase my Solid State Drive? for more information.
|
Removable Media
- USB flash drives
- Memory cards (SD, SDHC, MMC, Compact Flash, Memory Stick, etc.)
|
- Overwrite the data on the drive with two passes
- The first pass should use a fixed value, and it's complement for the second pass
- If the device will not be re-used the device should be destroyed (current UI crusher is not sufficient for this purpose).
- Record the serial number of the device with the wipe method and its confirmation in a ticket
See How do I erase my Hard Disk Drive? for more information. DBAN can be used to overwrite removable media.
|
Optical Media
|
There is no approved method to sanitize this kind of media.
Destroy the media by shredding it.
If the device has a serial number or unique identifying information, record this with the destruction confirmation in a ticket
|
Mobile devices
- iPhones
- iPads
- Android phones
- Android tablets
|
Mobile devices usually have a factory reset function which erases all data on the device. The steps to invoke this process differ based on the device's operating system.
See How do I erase my Android device? for Android device steps.
See How do I erase my iOS device? for Apple device steps.
Other devices, such as Amazon Fire tablets, may have their own erase steps. Consult manufacturer documentation for steps.
Devices which do not have a method to erase data should be destroyed.
If the device has a serial number or unique identifying information, record this with the destruction confirmation in a ticket
|
Destruction
Hard drives can be destroyed by OIT using a special device that crushes the drives. Current UI crusher is not sufficient to crush SSDs. Removable media can be destroyed by shredding or pulverizing the drive, although it is not recommended that you destroy the media yourself due to the possibility of injury. Optical Media can be shredded safely using some paper shredders, or via a destruction service.
Purge Instructions
Purge instructions for storage media and mobile devices can be found at: