EXPLANATION
Data Sanitization is the process of deliberately,
permanently, and irreversibly removing or destroying data stored on a device or
electronic media. A device that has been successfully sanitized has no residual
data even when data recovery is attempted with advanced forensic tools.
PURPOSE
This document provides University departments with a clear list of acceptable
methods, options, and the corresponding instructions to produce consistently
reliable results when Data Sanitization is required.
Approved Data Sanitization methods are listed where
available. The sanitization method selected should be the option that best
suits the operational needs of a University department.
SCOPE
Any electronic device or media owned, managed, leased, or
utilized by the University community with the ability to store, process, or
transmit Internal, Confidential, or Restricted Data (See UL Data Classification
Policy). Examples include, but are not limited to, Hard Drives, Solid-State
Drives, CDs, Backup Tapes, USB Drives, Smart Phones, Tablets, Fax Machines,
Routers, Network Storage Devices, Printers, or Internal Memory Components (ROM,
RAM, SRAM, etc.)
The following requirements and procedures should also be
referenced when specifying Data Sanitization requirements and procedures for
contracted partners or service providers storing or processing University data.
IT Desktop Services is responsible for the sanitization of end-point
devices purchased through the PC Depot website. All other devices purchased through
means extrinsic to the PC Depot must be sanitized by the department that has
purchased said device, according to the guidelines listed below.
REQUIREMENTS AND PROCEDURES
· Destruction
  Approved methods:
    o Pulverize
    o Melt
    o Incinerate or Disintegrate
  Additional Requirements:
    o Sanitization Log (see Logging Requirements below)
    o Use of an approved process or partner
· Purging
  Approved methods:
    o Degaussing
  Additional Requirements:
    o Sanitization Log (see Logging Requirements below)
    o Use of approved and serviced equipment
· Clearing
  Approved methods:
    o Overwrite (Single or Multiple Pass)
    o Factory Reset
    o Removing Power
  Additional Requirements:
    o Sanitization Log (see Logging Requirements below)
    o Only approved procedures and software are to be used (see Process Requirements)
    o Overwrite Procedures must be documented, validated, and approved prior to departmental use on production equipment
Logging Requirements
When preparing equipment for
Louisiana Property Assistance Agency (LPAA) surplus or disposal, the LPAA
Sanitization Certificate form should be used. (See LPAA POL 201401).
If equipment is not destined for LPAA, then a Sanitization
Log Record must be created.
Each Sanitization Log Record must contain the following
fields of information:
• Media or Device Type
• Sanitization Status Code (see Approved Processes section below)
• Manufacturer unique ID (Ex. Hard Drive Serial Number)
• Date and Time of Sanitization
• Full Name and ULID of individual that performed the sanitization
Sanitization Logs may be created and
maintained manually or by an application but must be maintained at the departmental
level.
Process Requirements
Each known device or media type is
listed below with the steps required to ensure all data has been removed prior
to disposal or surplus.
Following each process will produce a
"Sanitization Status Code" required for the Sanitization Log.
Prior to any sanitization actions the
following considerations should be made:
• Data Retention Requirements
  Departmental staff should ensure that performing Data Sanitization does not violate any University directive or legal obligation to retain data. (Ex. "Legal hold")
• Work Area
  Ensure individuals performing the sanitization have an organized and controlled work area to ensure devices or media are not accidentally mixed with similar production devices or media.
• Inventory
  If bulk sanitization is required, an initial inventory should be taken (and updated as needed) of the devices or media to ensure all devices or media are accounted for throughout the sanitization process.
Once sanitization is complete, a
final count should be completed to confirm that all devices or media are
accounted for and have been successfully sanitized.
A UL Lafayette Data Sanitization
label, distributed by the UL Lafayette Print Shop, must be affixed to all sanitized
electronic devices. At a minimum, the label must have the word “Sanitized”, the technician’s initials, and the date of
sanitization.
Approved Processes
Listed below are approved sanitization
processes for common types of storage media. Please consult this documentation
for guidance on proper data sanitization procedures:
• CD or DVD - (Optical Media)
  For all Optical Media Discs:
    o Destroy disc using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: OMDS
• Desktop or Laptop - (Workstations)
  Any:
    o Workstation joined to a state domain or allowed a user logon
    o Test workstation or "Lab equipment" used to process, store, or transmit any state data
  For devices containing a single Hard Disk Drive (HDD) or Solid-State Drive (SSD):
    o Use HDD or SSD process below
  For devices containing multiple internal HDDs or SSDs:
    o Extract each drive
    o Use HDD or SSD process below
  For instances where the drive(s) will be extracted from the workstation and reused, and the workstation will be disposed of or placed in surplus:
    o Extract drive(s)
    o Label device for surplus (if applicable)
    o Use Sanitization Code: RD
    o Please note: A Sanitization Log Record will still be required once there is a need to sanitize the extracted drive(s).
• Fax Machine - (Facsimile)
  For working devices that only perform facsimile functions:
    o Power on device and perform a factory reset via menu or manufacturer instructions.
    o If completed successfully, label device with a completed Data Sanitization label.
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: MRS
    o If the device does not have a reset option or does not complete the reset successfully:
      § Follow the process for broken devices below
  For broken devices that only perform facsimile functions:
    o Destroy the device using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: DS
  For devices that perform fax, printer, and copying functions:
    o Use Multifunction Device (MFD) process below
• Printer, Scanner, Copy Machine, or Multifunction Device (MFD) - (Office Equipment)
  For devices containing a Hard Disk Drive (HDD) or Solid-State Drive (SSD):
    o Use HDD or SSD process below
  For operational devices that do not contain HDD or SSD internal storage:
    o Contact the manufacturer (by email, phone, or website) for the steps required to clear all data for the specific device model
    o If completed successfully, label device with a completed Data Sanitization label.
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: MRS
  For working or broken devices that do not store or cache data:
    o Label device with a completed Data Sanitization label.
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: ND
  For broken or damaged devices that have been confirmed to or expected to store or cache data:
    o Destroy the device using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: DS
• Smart Phone, Tablet, or PDA (Ex. iPhone, Android, Blackberry, iPad, etc.) – (Mobile Devices)
  For operational devices:
    o Perform a Full System Reset or contact the manufacturer (by email, phone, or website) for the steps required to perform a FULL Factory Reset
    o If reset completed successfully:
      § Manually spot check device to ensure all photos, documents, and history were successfully removed
      § Label device with a completed Data Sanitization label.
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: MRS
    o If reset failed:
      § Follow the process for broken or damaged devices below
    o If reset is not available:
      § Follow the process for broken or damaged devices below
  For broken or damaged devices:
    o Destroy device using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above).
    o Create a Sanitization Log Record.
    o Use Sanitization Status Code: DS
• Firewall, Router, Switch, Access Point or Voice Over IP (VoIP) Handset - (Network Devices)
  For operational devices:
    o Contact the manufacturer (by email, phone, or website) for the steps required to perform a Factory Reset
    o If reset completed successfully:
      § Label device with a completed Data Sanitization label.
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: MRS
    o If reset failed:
      § Follow the process for broken or damaged devices below
    o If reset is not available:
      § Follow the process for broken or damaged devices below
  For broken or damaged devices:
    o Destroy device using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: DS
• Portable USB Drives or Memory Cards - (Removable Media)
  For all:
    o Destroy disc using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: RMDS
• Hard Disk Drives (HDD) or Solid-State Drives (SSD) - SCSI, IDE & xATA
  For an operational drive:
    o Follow one of the approved UL IT Overwrite Standard Operating Procedures (SOPs) below:
      § IT SOP 1-01 Drive Overwrite Procedure — (Single Pass)
      § IT SOP 1-02 Drive Overwrite Procedure — (Triple Pass)
    o If the approved UL IT Overwrite Standard Operating Procedure (SOP) completed successfully:
      § If applicable, make sure to place the drive back in the correct parent device
      § Label device with a completed Data Sanitization label.
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: OWS
  For a damaged or inoperable drive:
    o If HDD:
      § The drive may be degaussed (if equipment is available) or destroyed
      § If Degaussing is preferred:
        · Degauss
        · Create a Sanitization Log Record
        · Use Sanitization Status Code: OWFDGS
        · Label original (parent) device with a completed Data Sanitization label.
      § If Destruction is required:
        · Destroy drive using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above).
        · Create a Sanitization Log Record.
        · Use Sanitization Status Code: OWFDS
        · Label original (parent) device with a completed Data Sanitization label.
    o If SSD:
      § Destroy drive using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: OWFDS
      § Label original (parent) device with a completed Data Sanitization label.
• Backup Tapes - (Magnetic Tape)
  For all:
    o If degausser is available:
      § Degauss
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: DGS
    o If degausser is not available:
      § Destroy tape using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
      § Create a Sanitization Log Record
      § Use Sanitization Status Code: DS
• Server or Network Storage
  For all:
    o Remove each individual storage drive
    o Follow the process for HDD above
• DRAM, SRAM, or NOVRAM - (RAM)
  For all:
    o Remove power or battery for a minimum of 5 minutes
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: PRS
• EAPROM, EEPROM, or EPROM - (ROM)
  For all:
    o Destroy media using approved destruction methods (see Sanitization REQUIREMENTS AND PROCEDURES section above)
    o Create a Sanitization Log Record
    o Use Sanitization Status Code: DS
If a department identifies a device
or media type not listed above, please contact UL IT Desktop Services to
request guidance for the approved sanitization process. Please make sure to
include manufacturer, description, and explanation of the device or media
function in a specific business process.
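The following added example (not part of the University standard) shows how a department that keeps its Sanitization Log in an application could check each record against the required fields and the status codes listed under Approved Processes, and reconcile the log with the bulk inventory described under Process Requirements. The field names, media-type labels, ISO 8601 timestamp format, and sample data are assumptions made for the example.

```python
from datetime import datetime

# Status codes permitted per media type, transcribed from the Approved Processes
# list above. The media-type labels (dictionary keys) are chosen for this example.
ALLOWED_CODES = {
    "Optical Media": {"OMDS"}, "Workstation": {"RD"}, "Removable Media": {"RMDS"},
    "Facsimile": {"MRS", "DS"}, "Office Equipment": {"MRS", "ND", "DS"},
    "Mobile Device": {"MRS", "DS"}, "Network Device": {"MRS", "DS"},
    "HDD": {"OWS", "OWFDGS", "OWFDS"},
    "SSD": {"OWS", "OWFDS"},  # no degauss code: a failed SSD is destroyed
    "Magnetic Tape": {"DGS", "DS"}, "RAM": {"PRS"}, "ROM": {"DS"},
}
# Hypothetical field names covering the five required log fields.
REQUIRED = ("media_type", "status_code", "unique_id", "sanitized_at",
            "technician_name", "technician_ulid")

def validate_record(rec):
    """Return a list of problems found in one Sanitization Log Record."""
    problems = [f"missing {f}" for f in REQUIRED if not str(rec.get(f) or "").strip()]
    media, code = rec.get("media_type"), rec.get("status_code")
    if media and media not in ALLOWED_CODES:
        problems.append(f"unlisted media type {media}: request guidance first")
    elif media and code and code not in ALLOWED_CODES[media]:
        problems.append(f"code {code} is not approved for {media}")
    if rec.get("sanitized_at"):
        try:
            datetime.fromisoformat(rec["sanitized_at"])  # assumes ISO 8601 timestamps
        except (ValueError, TypeError):
            problems.append("sanitized_at is not a valid date and time")
    return problems

def reconcile(inventory_ids, records):
    """Compare the initial inventory with the logged IDs for the final count."""
    logged = [r["unique_id"] for r in records if r.get("unique_id")]
    return {
        "not_logged": sorted(set(inventory_ids) - set(logged)),
        "not_in_inventory": sorted(set(logged) - set(inventory_ids)),
        "duplicates": sorted({i for i in logged if logged.count(i) > 1}),
    }

def sample_record(media, code, uid, when="2024-01-15T10:30:00"):
    """Build a constructed record; the name and ULID are placeholders."""
    return {"media_type": media, "status_code": code, "unique_id": uid,
            "sanitized_at": when, "technician_name": "Example Technician",
            "technician_ulid": "ULID-PLACEHOLDER"}

# Constructed batch: three drives inventoried, one never logged, one SSD mis-coded.
SAMPLE_INVENTORY = ["SN-A1", "SN-B2", "SN-C3"]
SAMPLE_LOG = [sample_record("HDD", "OWS", "SN-A1"), sample_record("SSD", "OWFDGS", "SN-B2")]
print([validate_record(r) for r in SAMPLE_LOG], reconcile(SAMPLE_INVENTORY, SAMPLE_LOG))
```

A record that passes these checks still needs the physical Data Sanitization label on the device; the script only catches gaps in the log and the final count.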
NON-COMPLIANCE AND EXCEPTIONS
All exceptions and requests for alternative procedures to
this University Data Sanitization Standard must be documented and submitted via
a Service Desk Request for review and approval. Written approval must be obtained
from UL IT and UL Property Management prior to utilizing any alternative Data
Sanitization procedures.
University departments and individuals are ultimately
responsible for their full compliance with University policy, standards, and
procedures regarding the safeguarding of data and the required data
sanitization when disposing of data devices. Consequences of failure to comply
with these standards and procedures may include, but are not limited to,
disciplinary action up to and including termination of employment.
The University Chief Information Officer is responsible for
the enforcement of these standards and procedures.
APPLICABLE UL LAFAYETTE IT POLICIES:
· Comprehensive Information Security Program:
  http://helpdesk.louisiana.edu/sites/helpdesk/files/UL%20Lafayette%20Comprehensive%20Information%20Security%20Program%20-%202014.pdf
RELATED UL LAFAYETTE IT STANDARDS:
· UL Data Classification Policy:
  http://helpdesk.louisiana.edu/sites/helpdesk/files/Data%20Classification%281%29.pdf
RESPONSIBLE OFFICE: Information Technology
APPROVAL AUTHORITY: Gene Fields, Chief Information Officer
STANDARD MANAGER: Desktop Services Manager
CONTACT: ucss@louisiana.edu
STANDARD EFFECTIVE DATE: 1 January 2024
NEXT SCHEDULED STANDARD REVIEW: January 2025
STANDARD REVISION HISTORY:
Date | Change Description
10/20/2023 | Matt Delcambre: Initial draft submitted