
Security Compliance, Electronic Data, Disk, SSD, or Other Storage Device Disposal

Data, Disk, SSD, Media, and Storage Device Disposal FAQ

Q: What's the university policy regarding disposal or surplus of electronic storage media and/or storage devices?

A: For storage media disposal requirements, see University IT Security Standard IT15-Storage Media Security, at https://go.illinois.edu/secstd-IT15


Q: What actions must I take before releasing or disposing of storage devices or storage media?

Pre-disposal steps

| Data Classification | Storage device or media | Action (at least one must be performed) |
|---|---|---|
| High-risk data (Health information/PHI, payment card, SSN, DL#, banking, export control, compartmentalized, etc.) | HDD (magnetic, spinning-platter type), Magnetic Tape, Other* | Crush/shred |
| High-risk data | M.2, SSD, or flash | Crush/shred |
| Sensitive data (FERPA, etc.) | M.2, SSD, or flash | Overwrite/scrub (must be verified); Crush/shred |
| Sensitive data | HDD (magnetic, spinning-platter type), Magnetic Tape, Other* | Overwrite/scrub (must be verified); Degauss; Crush/shred |
| Sensitive data | Encrypted storage** | Verify device is completely encrypted, then delete all encryption keys such that they are completely irrecoverable and officially document.*** |
| Internal data & Public data | M.2, SSD, or flash | Overwrite/scrub; Crush/shred |
| Internal data & Public data | HDD (magnetic, spinning-platter type), Magnetic Tape, Other* | Overwrite/scrub; Degauss; Crush/shred |
| Internal data & Public data | Encrypted storage** | Verify device is completely encrypted, then delete all encryption keys such that they are completely irrecoverable and officially document.*** |


* "Other" includes optical media (e.g., CDs or DVDs), magnetic media (e.g., tapes or diskettes), and disk drives (e.g., external, portable, or disk drives removed from information systems).

** Any university-managed device with strong, full-disk encryption for its entire service life, including both flash and magnetic storage types.

*** File-level encryption does not meet this requirement, nor does a device that was unencrypted for any length of time. Actions must be complete and auditable.


 

Q. What do you mean by "scrub" or "overwrite"?

A. On spinning-platter and magnetic type hard drives, scrubbing or overwriting means writing over each bit with random ones and zeroes.

For flash memory and SSDs, a different approach must be taken because they operate differently than magnetic media. Most SSDs have special data purge commands built into their hardware. These should overwrite the data in multiple passes using a pattern in the first pass and a complement in the second pass.


Q. How might I scrub or overwrite a digital storage device?

A. (For non-IT Professionals) Find an IT Professional proficient on the platform (Windows/Mac/Linux/etc) in question and request that they perform the overwrite.
(For IT Professionals) Below are a few ideas on how to meet the requirement, both for SSD and for HDD.

How to scrub digital storage by drive type

| Drive type | Method |
|---|---|
| Spinning-platter HDD | Secure Erase, Liveboot CLI++ |
| SSD | "ATA Secure erase". See e.g. https://www.makeuseof.com/tag/securely-erase-ssd-without-destroying/ |

++ Use a Linux live-boot distro and "dd" to overwrite* the target HDD.

* Note 1: dd can be very effective (and destructive!) when used in this way. The precise syntax of the dd command may vary; see your local info or man pages to ensure correct syntax before executing.
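
An added example (not part of the original FAQ or any university tooling) of the HDD "dd" overwrite described above, with the read-back verification that Sensitive data requires. It runs only against a constructed image file; the function names, the marker string and the size-in-MiB argument are assumptions for illustration, and `iflag=fullblock` and `conv=fsync` are GNU dd options.

```shell
#!/bin/sh
# Added example: dd overwrite with read-back verification (spinning-platter HDD case).
# Everything here runs against a constructed image file, not a real device.

# Build a constructed "drive": MIB mebibytes of zeros with a marker planted at 1 MiB.
make_sample_image() {
    dd if=/dev/zero of="$1" bs=1048576 count="$2" 2>/dev/null
    printf 'CONSTRUCTED-MARKER ssn=000-00-0000' |
        dd of="$1" bs=1 seek=1048576 conv=notrunc 2>/dev/null
}

# Overwrite TARGET with MIB mebibytes of random data, hashing the stream as it
# is written, then read TARGET back and compare digests. Returns 0 on a match.
wipe_and_verify() {
    target=$1 mib=$2
    work=$(mktemp -d) || return 2
    mkfifo "$work/stream"
    sha256sum < "$work/stream" > "$work/written" &
    dd if=/dev/urandom bs=1048576 count="$mib" iflag=fullblock 2>/dev/null |
        tee "$work/stream" |
        dd of="$target" bs=1048576 iflag=fullblock conv=notrunc,fsync 2>/dev/null
    wait
    # On real hardware, read back with the page cache bypassed (e.g. GNU dd
    # iflag=direct) so the comparison reflects the media, not cached writes.
    dd if="$target" bs=1048576 count="$mib" 2>/dev/null | sha256sum > "$work/readback"
    cmp -s "$work/written" "$work/readback"
    rc=$?
    rm -rf "$work"
    return $rc
}

# Demonstration on a 4 MiB constructed image.
img=$(mktemp)
make_sample_image "$img" 4
if wipe_and_verify "$img" 4 && ! LC_ALL=C grep -q 'CONSTRUCTED-MARKER' "$img"; then
    echo "overwrite verified: digests match, marker gone"
else
    echo "VERIFICATION FAILED: do not release this device" >&2
fi
rm -f "$img"
```

The digest comparison proves the bytes on the target are the bytes that were written across the stated size; it does not apply to SSDs or flash, where remapped blocks are outside the reach of dd.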


Q. How do I fill out the Data Scrub Label?

A. (For non-IT Professionals) Find an IT Professional proficient on the platform (Windows/Mac/Linux/etc) in question and request that they perform the task.

    (For IT Professionals) Below are the steps to fill out the Data Scrub Label.

  1. Affix a Scrub Label to the front of the item to certify that you have removed the data.
  2. Write down the unit or organization name, e.g., School of Engineering IT.
  3. If the device has a P-Tag, write the number down; if it does not, write a short description, e.g., Red SSD 256 GB.
  4. If the device has a serial number, include it here; if not, please write N/A.
  5. Please circle the Data Classification that was on the device before the scrub.
    1. Information on the Security, Data Classification
  6. On the next three lines, check the appropriate action(s).
    1. Check and then circle Overwritten or Digitally Reset: "Overwritten" if the data was overwritten, "Digitally Reset" if using a drive management tool such as ATA Secure Erase.
    2. Check "Inoperable Device" if the device is inoperable and cannot run data elimination software.
    3. Check "Encryption Key Destroyed" if the encryption key was destroyed for the storage volume.
  7. Describe briefly what was used to overwrite the software (Hardware or Software), e.g., ATA Secure Erase, DBAN, Eraser, etc.
  8. Print your name and title.
  9. Then sign and enter the date the task was performed.

Q. Can I trust that the data is irrecoverable after scrubbing?

A. To an extent, but the only completely risk-free way of purging data is physical destruction. If you are concerned enough to ask the question, physical destruction is probably the answer.


 

Q. Can I just RMA or throw away a digital storage device?

A. No. The device must be scrubbed, overwritten, or destroyed before it is released or discarded, per the data classification requirements.


 

Q. What if the device to be RMA'd or discarded is broken?

A. All broken storage devices with University data are required to be degaussed or destroyed before they are released.


 

Q. What needs to be done before sending a machine to surplus?

A. Before sending a drive to Surplus:

  • For a functioning drive, erase it to campus policy standards (see above), and send it to Surplus.
  • For a non-functioning drive, write "DEGAUSS" on it. When you have collected enough drives, send them to Surplus to be degaussed.

See the OBFS page on how to Dispose of Unneeded Equipment.


Q. What services can I use to procure hard drive destruction and what must I do?

A. For HDDs with Sensitive data and below, degaussing is acceptable for data destruction. The Surplus Warehouse has an industrial degausser. See above.

For HDDs with High-Risk data and below, the following vendors offer data destruction services and chain of custody and certificate of destruction documentation.

Vendors providing drive destruction services
Vendor
Contact Information
Vendor and contract information can be found on the OBFS website located here.
Vendor and contract information can be found on the OBFS website located here.
Procurri services need to be purchased through CDW.  Contact information and information regarding CDW quotes can be found here.

The table above includes links to contact information for each vendor as well as available contract information.  For additional assistance regarding securing vendor services, we recommend contacting your Purchasing Office.


Q. When should I use an on-site service over a shipping option?

A. For devices containing High Risk data or for devices that can't be scrubbed/overwritten, use of an on-site destruction service is recommended.  An off-site (shipping) option may provide additional assurance that data is irrecoverable and could be appropriate for scrubbed/overwritten devices containing Public, Internal, or Sensitive data. 


Q. Are there any steps I should take to ensure compliance with University data retention schedules?

A. Some regulations do require organizations to track and document actions taken during storage media disposal.  If you have questions regarding retention requirements, we recommend you contact the Records and Information Management group.


Q. What if I have additional questions about the IT15 Security Standards or cybersecurity in general?

A. Additional questions regarding data destruction and cybersecurity can be directed to securitysupport@illinois.edu.