Security, Data, Disk, and Device Disposal FAQ

Data, Disk, and Storage Device Disposal FAQ

HIGH RISK DATA NOTE: Devices that hold or that once held High Risk Data (PHI, credit card, SSN, DL#, banking, export control) must be physically destroyed before they are released.

For storage media disposal requirements, see University IT Security Standard IT15-Storage Media Security,  at https://go.illinois.edu/secstd-IT15


Q. What do you mean by "scrub" or "overwrite"?

A. Scrubbing or overwriting means writing over each bit on the drive with random ones and zeroes. Since techniques exist for recovering data even from drives that have been "erased" or reformatted, the Department of Defense has recommended that drives be overwritten; drives containing high risk information are never recycled but physically destroyed.


Q. Can I just RMA or throw away a digital storage device?

A. No. The device must be scrubbed before it is released or discarded.


Q. What if the device to be RMA'd or discarded is broken?

A. All broken storage devices with University data are required to be degaussed or destroyed before they are released.


Q. How do I scrub or overwrite a disk?

A. (For non-IT Professionals) Find an IT Professional proficient on the platform (Windows/Mac/Linux/etc) in question and request that they perform the overwrite.
A. (For IT Professionals)

Windows

DBAN
Linux/Unix

DBAN
Mac
Apple Disk Utility Secure Erase
CD-BOOT
(manual, admin CLI)
* (assumes device to be overwritten is "dev/sda", change output device name to match your desired output device to be overwritten)
 boot Linux LiveCD and run, as the root user "dd if=/dev/zero of=/dev/sda"
*Note 1: The precise format of the dd command will vary depending on the flavor of Linux/Unix used.


Q. What needs to be done before sending a machine to surplus?

A. See the OBFS page on how to Dispose of Unneeded Equipment .


Q. Can you show me where to get disk disposal labels?

A. Yes. You can make your own labels to place on the surplus/scrapped machine by downloading the following file and printing it onto Avery label paper.

Avery 5160 (30 labels/sheet, 1" x 2 5/8")

Avery 5163 (10 labels/sheet, 2" x 4")




Keywords:security, privacy, data, scrub, overwrite, wipe, dban, disposal, disk, storage, information, destroy, recycle, surplus, RMA, FAQ,   Doc ID:69861
Owner:Security S.Group:University of Illinois Technology Services
Created:2017-01-10 12:26 CDTUpdated:2018-03-26 11:03 CDT
Sites:University of Illinois Technology Services
Feedback:  1   0