Secure Data Deletion
See the Information Security Framework Media Sanitization standard for current requirements.
Even though computer users may think that data or programs have been deleted by hitting the "delete key", there are often significant remnants remaining on the hard disk of the computer. Non-public data and licensed software remaining on computers, other electronic devices, and storage media at the time of transfer or disposal represents a substantial risk.
The department or individual directly responsible for non-public data on a University computer or other electronic device is required to ensure that any non-public information on that device is securely removed before sale or transfer out of their direct control. Examples of such sales and transfers are: transfer to another department; public sale; donation; or scrapping.
Computers and other devices with hard drives, such as printers, copiers and multi-function devices (printer/copier/fax/scanner) must be electronically wiped (using a secure data deletion program) or the physical media must be destroyed.
Tapes, CDs, cartridges and other storage and backup media containing non-public information must also be securely deleted or destroyed before disposal or transfer out of direct control.
Since it is possible that even systems not thought of as containing important information or hard drives (e.g., photocopiers, printers, etc.) can have remnants from previous activity, it is recommended that all systems and media moving from one department or type of usage to another be securely wiped. See Printers, Copiers and Multi-Function Devices web page. For others, such as devices that are not operational, physical removal and destroying hard disks or other media may be necessary.
The risk mitigation alternative selected should be in proportion to the risk. For most desktop systems with disks that are operational, use of secure data deletion software for at least a single pass would likely be sufficient. With increased risk, increased numbers of passes with the software and the use of physical destruction should be considered. The use of secure deletion tools is reviewed as part of the normal University audit procedures. Collegiate and departmental technology support staff as well as OIT staff can assist in identifying alternatives.
The Office of Information Technology (OIT) web site identifies several secure file deletion programs, a few of which are free downloads (see Secure Data Deletion Tools under Resources and Links to the side). If a system is non-operational, the disk or other media may still contain non-public data and must be removed and either securely deleted or physically destroyed. Special care should be taken to securely delete or destroy backup and other removable media after use.
In addition to the departmental staff who are responsible for non-public data on their electronic systems, staff involved in any transfers of equipment both within and particularly outside the University through sales, recycling, donations, etc. must be certain that University data and licensed software has been removed. A statement should be obtained from the originating department that non-public data has been removed before making external transfers outside the University.
Upon request, campus technology support groups that perform secure deletion should provide the originating department or user with a form (with identifying information like serial number and the date) and a statement that the campus support group agrees to perform the secure deletion in conformance to the Secure Deletion Standard and assumes responsibility for doing so.