...
When these storage and media devices become obsolete or are no longer needed the sensitive or private data must be effectively removed from the storage media or be destroyed before the devices are recycled, reused, disposed of, or discarded. The removal process is variously called data removal, data/media sanitization, data/media destruction, or similar terms. This is distinct from the terms data de-identification or data masking which refer to modifying live data from production systems so the data can be used in development and testing environments without exposing the production data. In this document we will use media sanitization for compatibility with federal guidelines.
...
Educational institutions are encouraged to carefully re-evaluate their existing policies on media sanitization, or to thoughtfully create such policies if none currently exist, using the NIST Guidelines for Media Sanitization and the practical advice collated here.
| Tip | ||
|---|---|---|
| ||
A list of higher education computer disposal #policies policies and practices is available below. |
...
The National Institute of Standards and Technology published NIST 800-88 Rev. Revision 1, Guidelines for Media Sanitization, in September 2012December 2014. This document provides the previously missing authoritative and comprehensive advice and forms the basis for a rational approach to protecting and eliminating sensitive data stored on no longer needed IT assets and media.
...