12.4.5 Render Data Unrecoverable on Electronic Devices Prior to Transfer or Disposal

Policy Statement

All data on digital storage media must be rendered unrecoverable before the electronic device containing digital storage media is transferred between individuals or units within the system, to third parties, or to Surplus Warehouse Operations for reuse or secure disposal.

Definitions

Degauss—Permanent erasure of data rendering data unrecoverable, according to federal requirements.

Encryption Key Destroyed—All traces of a cryptographic key have been removed in such a way to render the data unrecoverable by physical or electronic means.

Inoperable Device—Electronic device (e.g., computer, USB stick, hard drive, etc.) has been rendered useless via dismantling, disrepair, or other means.

Overwritten—Previously stored data is replaced with random patterns.

Reason for the Policy

To determine whether an electronic device contains digital storage media and requires data elimination in accordance with system policy.

Applicability of the Policy

All electronic devices containing digital storage media prior to transfer between individuals or units within the system, to third-parties, or to Surplus Warehouse Operations for reuse or secure disposal.

Procedure

Procedural specifics for this policy are detailed in the IT15-Storage Media Security Standard. Oversight for this policy (compliance, maintenance, and definition for the associated standard) is assigned to the Chief Information Officer for each university and the University of Illinois System unless governance is otherwise provided for in university or system policy.

Consult the appropriate university information technology office or University Property Accounting and Reporting (UPAR) for assistance.

Unit designates and assigned FABweb unit representatives submitting disposals must attest that the proper data elimination policies and procedures were followed, and the scrub label is completed and attached to all required digital media devices and equipment.

To remove data from electronic devices:

1. Magnetic media must be either completely overwritten (at least one full pass) or degaussed prior to disposal;
2. High-Risk Data Storage Device Disposal Preprocess Protocol
   1. Completely and securely overwrite or degauss storage media; or
   2. Secure-delete all encryption keys for strongly-encrypted volumes; and
   3. Conspicuously tag the device or system, indicating and confirming:
      1. The system once contained high-risk data;
      2. The storage media have been properly prepared as noted above in items A or B, and are ready for destruction;
      3. The date, unit name, and system manager name
3. Affix a scrub label to the front of the item to certify that the unit has removed the data. On the label, ensure unit IT support completed the scrub label as follows:
   1. "Degaussed" if the data was degaussed.
   2. “Encryption key destroyed” to render the data unrecoverable.
   3. "Inoperable Device" if the device is inoperable and cannot run data elimination software.
   4. "Overwritten" if the data was overwritten.
   Important: Do not remove the hard drive or other components. If the Scrub Label is missing, the unit may be charged for the cost of eliminating the data or the equipment may be returned to you for scrubbing, at the unit’s expense. Ensure the IT employee responsible has completed, signed off, and affixed the scrub label.
4. Consult Additional Resources below for general information about data elimination, data scrubbing software, and Scrub Labels. For assistance, contact UPAR.