Media sanitization is a process used to securely remove College Data from electronic devices before the devices change owners, are recycled, or thrown away.
Main Page Content
Data from unsanitized devices can usually be recovered through the use of special procedures.
As a result, unsanitized devices may enable unauthorized access to University Data, and violate state or federal data security and privacy laws.
Why "Delete" is Not Enough
Simply deleting files or emptying items from the trash does not completely remove them from your hard drive. Deleted files are still stored on the computer in "unallocated space” and can usually be recovered with freely-available data recovery tools. Not even re-formatting the hard drive guarantees complete deletion of the data. The procedures described here and in the policy documents must be followed to ensure that College Data cannot be recovered.
What do I need to do to protect College Data?
Here are some quick tips to ensure you're not unintentionally putting College Data at risk:
- Always contact LITS before transferring or disposing of electronic equipment. This ensures that the new user of the device doesn't inadvertently get access to data they are not authorized to view or personal files belonging to the original user.
- Avoid saving sensitive data (PII) outside of secure systems (Banner).
- If you need to store College Data use Network shares like FileCity or FileCity2.
- The Information Systems Security Coordinator can assess data you're storing and assist with the creation of workflows to secure that data.
- LITS has a policy for securely removing College Data from any/all of the state devices that have been issued to you. Those policies are listed in the next section for your reference.
If you or your supervisor have any questions regarding this info please reach out to our Information Systems Security Coordinator at InfoSec@brockport.edu.
LITS' procedures for sanitizing specific media devices:
The college's Information Technology staff follow a series of procedures in order to securely clean college data off different types of devices. More information about these procedures can be found through the links below.
- Hard Drives and Tape Storage
- Removable Media (CDs, DVDs, and flash drives)
- Personal Digital Assistants (PDAs), Smartphones, and other handheld devices
- Federal Guidelines for Media Sanitization, NIST Special Publication 800-88
Last reviewed: 12/2015
Reviewed by: PCI Oversight Committee