This site requires JavaScript to be enabled
IE BUMPER
IE BUMPER

Information Resources and Technology

IE BUMPER

Data Destruction Procedure

The Information Security Office has the responsibility to ensure computers and various media that are removed from service are properly erased or have their stored data destroyed. This document will address the methods that should be used to ensure the systems are free of data once they are removed from operation and properly tracked for auditing purposes.
Contents
  1. Purpose
  2. Scope
  3. Responsibilities
  4. Procedure
  5. Tracking File
  6. Reference Links

Purpose

Computers and various media need to be wiped to prevent any sensitive information from being recovered from the system. This is also to comply with licensing agreements for many of our software vendors.

Scope

These procedures are for any university owned equipment that is donated, sent for recycling, or transferred to a new user.

Responsibilities

  1. The Desktop Support team is responsible for ensuring that this process is followed for all the systems directly supported by Information Resources & Technology (IRT).
    • Other IT support teams are responsible for ensuring that this process is followed for all the systems under their support structure.
  2. The Information Security Office is responsible for approving this process.

Procedure

  1. For any PC, internal or external hard drive, USB flash drive or other media use one of the following methods to destroy the data:
    1. Single Pass Wipe with DBAN - http://dban.sourceforge.net/
    2. Drive Erase with hardware eraser - http://www.cru-inc.com/products/wiebetech/wiebetech_drive_erazer_ultra/
    3. Physical destruction via 3rd party contract.
  2. Log the data destruction recording the following information
    1. Date
    2. Computer Name
    3. Computer Serial Number
    4. Hard Drive Model
    5. Hard Drive Serial Number
    6. Date Erased
    7. Technician
  3. Once the media is clean, attach a red sticker to identify the item as clean.

Tracking File

Any equipment that goes through this data disposal process needs to be documented and stored in a spreadsheet called "Data_Disposal". The file is located N:\irt\acr\Desktop Support Services\Processes\. (update this) The following information will be recorded where applicable:

Reference Links

DBAN web site: http://dban.sourceforge.net/

Information Security - KB0010703 by Matthew Mills | Published:2016-01-26 | Updated:2017-01-03 12:06:29 | Views::6

IE BUMPER
Version 1.4.2 (release notes)