University of California, Riverside

Security



Methods of Data Sanitization


Recommendations & Procedures

Several methods can be used to scrub or render unreadable, data on disks, tapes, and other read/write media. Use of software techniques such as erasing and over-writing are sufficient for medias not containing protected or sensitive data. Special consideration should be given for tapes and disks containing potentially damaging data and the preferred method should include degaussing or physical destruction.

Contents

Data Sanitization Methods

Erasing/Over-Writing

Erasing by over-writing is an acceptable method of scrubbing data that is not sensitive or protected. It is recommended that multiple passes be performed with random over-write patterns - not just all zeros or other single character. The two products below are free and able to over-write Microsoft and Unix operating systems:

  • Darik's Boot and Nuke ("DBAN") creates a bootable floopy, DVD or CD to automatically delete the contents of any hard drive and is free.
  • Eraser is another windows tool capable of pseudorandom writing of data.

Macintosh OS X users have the capability, in the Finder menu, to securely remove files by selecting "Secure Empty Trash." The two below free products are available to scrub data:

  • Burn guarantees to delete files with 90% certainty
  • Eraser Pro is capable of selectable options from a single file to folders to entire disks.

This process of sanitization is considered the "minimum-standard". Upon completion of sanitization, the Sanitization Completion form should be completed and forwarded with the equipment to Equipment Management for disposition.

Return to Top

Degaussing

Degaussing is a method of applying a strong magnetic field to magnetic media zeroing out any data. Degaussing (or destruction) should be performed on any media that is non-functioning (damage or hardware failure) containing Sensitive-/Protected- data. Successful degaussing (demagnetization) renders the device unreadable by removing the media's magnetic charge, thus rendering the drive inoperable. Be sure the degausser used is rated for the correct Oersteds (measure of magnetic strength) rating to ensure full erasure. Vendor maintenance agreements should be reviewed to verify vendor compliance for successful destruction of writeable media when replaced during maintenance activities.

Operating degaussing equipment may damage watches, cards with magnetic strips and affect pacemakers. This method is a reliable valid method for sanitization. However, this method is best completed by a vendor or purchased for approximately $4,000 or rented as needed.

Return to Top

Physical Destruction

Physical destruction of disks and other magnetic media via hammering, heat (e.g. blow torch), or punching holes through the disk platters by drilling, is an acceptable industry sanitization practice. Sufficient force should be used directly on top of the hard drive unit (removed first from chassis or cabinet) to cause shock/damage to the disk surfaces. Cut, bend or damage all electrical connectors so to prevent re-installation. Physical destruction must be accomplished to an extent that precludes any possible further use.

It is important to note that Physical Destruction is required in the event a system is inoperable.

Return to Top

Summary of Data Sanitization Methods

MethodRe-UseMedia Destroyed
Erasing/Over-Writing Yes No
Degaussing Probably Not Yes
Physical Destruction No Yes

Data Sanitization Practices by Organization

Return to Top

PDA and Smart Phone Sanitization and Destruction

Sanitizing PDAs and Smart phones usually involves inserting a pin or paperclip when the device is powered off performing a "cold reset", but the procedure can vary depending on the manufacturer (contact the vendor for assistance). Although this is the recommended approach, there is no guarantee that all data has been permanently rendered unrecoverable. Through the use of expensive specialized hardware, the data may be recoverable.

Return to Top

Network Printer Communication

When restricted data is output to a network-attached printer, data is vulnerable to unauthorized interception. When printing restricted information is required, products such as JetDirect can be used to provide encryption. Alternatively, the printer can be directly attached to a server that utilizes a protocol, such as IPP, that can encrypt its network traffic.

Additionally, pages printed or faxed are stored for a period of time in printers' memory. The last page/fax printed also resides as an image on the print drum. Therefore when University printers are being moved, recycled or disposed of by outside service firms there are data security procedures to be observed, and contractual requirements like HIPAA, BAA, Data Security Appendix require data destruction. Printer hard drives or memory cards should be subject to the same data sanitization procedures as all other data storage media.

Return to Top

Operational Issues

There may be a greater risk of people reading printed material than intercepting the network traffic when the destination printer does not have sufficient access controls, e.g. by being in a secure facility or through some authentication mechanism provided by the printer. The University has a growing number of applications that require employees to print restricted information, such as personal health care information or pay advice stubs. Resource providers should consider printer security when this is the case.

Many printers do not support encryption, and the cost and space requirements for dedicated print servers may be high. When restricted information must be printed, printers and associated encryption solutions must be selected to fit within the printing infrastructure, as well as providing encryption.

Return to Top

Recommendations

Resource Custodians for departmental and campus print services should assess the secure printing needs of their communities and provide solutions and education, as appropriate.

Return to Top

More Information 

General Campus Information

University of California, Riverside
900 University Ave.
Riverside, CA 92521
Tel: (951) 827-1012

Department Information

Computing & Communications
Computing & Communications Bldg.

Tel: (951) 827-4741
Fax: (951) 827-4541
E-mail: helpdesk@ucr.edu

Footer