Protecting confidential and sensitive data from accidental disclosure is very important. We should strive to properly handle data erasure and the disposal of media. Erasing information or disposal of electronic media (e.g., PCs, CDs, thumb drives, cameras) often leads to a false sense of data security. Be aware of proper methods of sanitizing, destroying, or disposing of media containing sensitive or classified information.
Before discarding your computer or portable storage devices, you need to be sure that that data has been erased or “wiped”. Below are a few tips to assist in disposing your data:
- Read/writable media (including your hard drive) should be “wiped” using Department of Defense (DOD) compliant software.
- Shred CDs and DVDs. This type of media should be physically destroyed.
- Maintain a log of all devices that have been disposed. The log should include the date, type of device, manufacturer, serial number (if one exists), destruction method used, and disposal method such as sold, crushed, or shredded.
For more information on properly disposing of information, please visit:
- US-CERT Cyber Security Tip – “Effectively Erasing Files”
- National Security Agency “Media Destruction Guidance”
Cyber Tip of the Day from the Multi-State Sharing and Analysis Center (MS-ISAC)