This post originally appeared in Equipment Connection, the Hartford Steam Boiler and Inspection Company’s (HSB) blog. It was authored by Monique Ferrarro, Cyber Practice Counsel at HSB, in collaboration with Gerry D’Agostino, Market Development Consultant at HSB.
So, you bought a new smartphone or replaced your outdated computer. What should you do with the old ones? Since your data is stored on the hard drive, you need to dispose of the device safely.
Otherwise, you may open yourself up to a cyberattack, data breach, loss of intellectual property or loss of reputation. Here are three tips for securely discarding or transferring ownership of your digital devices:
- Back up your data. Make sure to save the files you need to a removable drive, the cloud or new computer.
- Erase your data if you plan to donate or sell your devices. Your used equipment can live a useful new life in a non-profit or educational institution. Whether you are donating or selling the device, make sure to completely erase the data first.
- Wipe, don’t format. Formatting a hard drive does not delete or overwrite your data – all of the information remains in the file management system. If you were to sell or donate your device, or if someone found it in a dumpster, software could be used to see all of your data still on the drive.
If you have high-risk data stored on your devices, you can wipe the drive yourself or use a certified refurbisher. “High-risk” includes financial account information, passwords and personally identifiable information such as names, social security numbers, birth dates or health information. Whether you wipe the data yourself or use a professional service, military grade standards should be used to erase your hard drive.
If you have a recent device, which uses encryption, backing up your data to the cloud and then changing the password should be sufficient. You can do a web search for the model and operating system of your mobile device to confirm it uses encryption.
Change email account passwords and ensure that the device is removed from your mobile carrier’s account. Follow directions from the manufacturer for wiping and resetting your device. Once the process is complete, make sure you are no longer receiving messages on the device.
If you plan to permanently dispose of the equipment
There are a number of options for securely destroying disks and mobile devices. Sending equipment to a secure disk shredding facility is one option.
Removing the drive from your computer or laptop and running a drill through it several times is effective in destroying the contents. Physically destroying a mobile device ensures the memory cannot be accessed.
When disposing of electronic devices, do so according to environmental regulations. You can send your device to a service that specializes in recycling, or wait for a local electronics recycling event.