Securely Deleting Electronic and Paper Records
Different media types require different destruction methods which also vary by the intended re-use of the media. Be aware that deleting a file, even using a method described below, will not remove other copies of the file, including duplicates or backups on the same drive, copies on other media, and copies stored in backup systems or drives.
Media that will be re-used within the same unit can either be Cleared or Purged.
Media that will be transferred to another unit, disposed of, or otherwise removed from control of the unit can either be Purged or Destroyed.
Purge and Destroy methods are acceptable when Clear is specified, and Destroy is acceptable when Purge is specified.
|Paper||NA||Shred, pulverize or incinerate||Use either a cross-cut shredder, or use a certified shredding service|
|Individual Files stored on a hard drive||Overwrite using a secure erase utility||NA||Heidi Eraser, Windows ‘sdelete‘, OSX ‘Secure Empty Trash‘|
|Individual files stored on an encrypted hard drive or encrypted flash drive||Normal OS file delete is sufficient||NA||Must be encrypted according to the Mobile Computing and Storage Devices Standard.|
|CD (including R and RW) and DVD (including R and RW)||NA||Incinerate or shred|
|Mobile phones, smartphones, tablets||Use the ‘Erase All Content’ feature||Shred or incinerate||Verify with manufacturer that the feature securely erases data or performs a complete Cryptographic Erase (all storage is encrypted and the erase function destroys the encryption key). Apple iOS, Blackberry, and most versions of Android support secure erase.|
|Magnetic tape, floppy disks, ZIP disks||Overwrite data||Degauss||Shred or incinerate|
|Magnetic hard drives||Single-pass overwrite||ATA Sanitize, ATA Secure Erase, SCSI Sanitize or degauss||Shred or incinerate||Ideally, use a utility from the disk manufacturer, such as Corsair SSD Toolbox, Crucial Storage Executive, Dell Data Wipe, Intel Solid State Drive Toolbox, OCZ Toolbox, Samsung Magician Software, SanDisk SSD Toolkit. If not available, use a Single-pass overwrite using utility such as DBAN or Heidi Eraser. ATA Sanitize and Secure Erase supported by HDDErase or hdparm. SCSI Sanitize supported by sg_sanitize. Secure Encrypted Drives may be cleared or purged using Cryptographic Erase.|
|Damaged or non-functional magnetic hard drives||NA||Degauss||Shred or incinerate|
|ATA Solid State Drives||Single-pass overwrite or ATA Secure Erase||ATA Secure Erase or Cryptographic Erase||Shred, pulverize or incinerate||Ideally, use a utility from the disk manufacturer, such as Corsair SSD Toolbox, Crucial Storage Executive, Dell Data Wipe, Intel Solid State Drive Toolbox, OCZ Toolbox, Samsung Magician Software, SanDisk SSD Toolkit. If not available, use ATA Sanitize and Secure Erase supported by HDDErase or hdparm. SCSI Sanitize supported by sg_sanitize. Secure Encrypted Drives may be cleared or purged using Cryptographic Erase.|
|Flash-based removable media (USB flash drives, SD cards, etc)||Multi-pass overwrite||manufacturer supported Purge functionality, or destroy.|