Data sanitization is the process of irreversibly removing or destroying data stored on a memory device (hard drives, flash memory / SSDs, mobile devices, CDs, and DVDs, etc.) or in hard copy form. It is important to use the proper technique to ensure that all data is purged. Our guidance below is derived from NIST SP 800-88 Rev. 1 (PDF) ("Guidelines for Media Sanitization").
The policies below define baseline controls for the sanitization and disposal of University data:
- Device Transfer Within an Organization
If the original system owner and the new recipient have the same rights to view the High Risk Data stored on the device, there is no need for data sanitization. If the new recipient has no business justification to access the stored High Risk Data, the files containing this data must be sanitized according to the Data Sanitization Guidelines below. The device may be transferred without removing any Moderate or Low Risk Data.
- Device Transfer Between Organizations
All High Risk Data stored on the device must be sanitized unless an exception is approved and documented in advance by organization management. In addition, all Moderate Risk Data stored on the device must be sanitized according to the Data Sanitization Guidelines below.
- Device Disposal or Device Transfer Off-Campus
If a device is to be disposed of or transferred to a party outside of the University, the device owner or local property administrator must sanitize or remove and physically destroy all device storage regardless if the device is known to contain any High, Moderate, or Low Risk Data. Local property administrators should be prepared to either sanitize or destroy the disk themselves according to the Data Sanitization Guidelines below (and keep a record of the activity) or contact the Information Security Office for assistance.
- Personally Owned Devices Leaving the University
All High, Moderate, or Low Risk Data stored on the device must be sanitized according to the Data Sanitization Guidelines below unless an exception is approved and documented in advance by organization management.
Data Sanitization Guidelines
|iOS: Apple iPhone and iPad||
|Windows Phone OSA7.1/8/8.x||
* See Flash Memory section below for special requirements pertaining to solid state memory / SSD.
|Mac OS X||
Flash memory-based storage devices, or Solid State Drives (SSDs), have become prevalent due to falling costs, higher performance, and shock resistance. Because flash memory operates fundamentally differently from magnetic media, overwriting does not necessarily clear all of the data. For the proper sanitization of flash memory, invoking special data purge commands built into the SSD hardware is the best approach.
|ATA Solid State Drives (SSDs)
(including PATA, SATA, eSATA, and SCSI)
|USB Removable Media and Memory Cards||
|Magnetic disks (including floppy disks, ATA and SCSI hard disk drives)||
|CD, DVD, Blu-ray Disc||
Hard Copy Storage
For other media, please refer to NIST SP 800-88 Rev. 1 ("Guidelines for Media Sanitization") and the manufacturer manuals for appropriate data sanitation techniques, commands, and tools.