Media Disposal Guideline

OVERVIEW

The OU Media and Data Disposal Guideline reflects the University’s commitment to prevent disclosure of confidential or regulated information as a result of improper disposal or reuse of computer hardware and electronic media.  The purpose of this guideline is to define the best practices for media disposal at the University of Oklahoma. 

 

WHEN TO DESTROY

IT Administrators must sanitize electronic media when:

• electronic media is no longer needed;
• media is pending destruction pickup by an authorized OU IT destruction service (GreenSafe or HITECH);
• media is assigned to a new user or a new purpose;
• media is compromised by malware, upon instructions from OU IT Security Operations; or
• media is being shipped to manufacturer for repair or replacement.

Before disposal of records containing personally identifiable information or other sensitive information, each device should be evaluated to determine if the device should be sanitized or if the data on the device needs to be retained and transferred elsewhere within the University.

 

METHODS OF DESTRUCTION

Departments with their own technical personnel may perform their own data wipes and drop off the cleaned equipment at the OU IT Business Office.  The methods below describe OU IT approved media sanitization methods.

 

Paper Records

University Personnel should securely dispose of hardcopy materials by using:

1. crosscut shredders; or
2. locked University shred bins.

 

Santization by Microsoft SDelete

Recommended for securely deleting files only, helpful when downcycling equipment. 

 

Santization by MacOSX Secure Empty Trash

Recommended for securely deleting files only, helpful when downcycling equipment, Secure Empty Trash is built-in functionality for securely deleting files. 

 

Sanitization by Active@ KillDisk

Recommended for ATA Hard Disk Drives (PATA, SATA, eATA, etc.), OU IT provides IS Administrators a copy of Active@ KillDisk.  Active@ KillDisk provides a certificate of destruction to be maintained with inventory records.  Electronic media sanitized by Active@ KillDisk should be done so using US DOD 5220.22-M (ECE) 7 Pass erase method.

 

Sanitization by Degaussing

Data Center electronic media that cannot be sanitized by Active@ KillDisk can be destructed by degaussing. 

 

Solid State Hard Drives (SSD), Flash Drives and SD Cards

Secure deletion tools do not work on flash based hard drives such as SSD and SD cards.  For users needing to erase files on flash based hard drives, Sanitization by Encryption can adequately mitigate the risk of data exposure. 

 

Sanitization by Encryption

Cryptographic erase leverages the encryption of target data by enabling sanitization of the target data’s encryption key. This leaves only ciphertext remaining on the media, effectively sanitizing the data by preventing read-access.  Electronic media that cannot be sanitized by Active@ KillDisk or by Drilling can be sanitized by cryptographic erase.  Electronic media sanitized by cryptographic erase sanitization must:

1. Be encrypted with an OU IT full disk encryption tool, prior to storing any data on the electronic media; or
2. Be encrypted with a full disk encryption tool, prior to storing any data on the electronic media;
3. At the time of disposal or reuse, delete all associated encryption keys;
4. Reformat the drive.

 

Sanitization by Reset – Portable Computing Devices

Smart Phones, Personal Digital Assistants (PDA), and tablets may be sanitized by:

1. Perform a full factory reset using the devices factory reset function; or
2. Issue a remote wipe command from the Microsoft ActiveSync Administrative Console to a device registered in ActiveSync.

 

Sanitization by Reset – Network Devices

Network devices requiring sanitization should perform a full factory reset using the devices factory reset function.

 

Sanitization by Reset – Multi-Function Printer Devices

Multi-function Printer Devices may be sanitized by:

1. Perform a full factory reset using the devices factory reset function;
2. Complete and maintain an Electronic Disposal Form.

 

DESTRUCTION RECORDS AND LOGS

Documentation, for potential audit purposes, attesting to the erasure of licensed software and data is required in order to complete the disposal process.  Media disposal requests should be submitted to the IT inventory owner.  The disposal request or log, should include:

1. Date and time of disposal;
2. Unique identifier of media to be disposed of;
3. Description and classification of data to be disposed of;
4. Reason for media disposal; and
5. Method used to render data unrecoverable or other disposal method.