Disposing Of Equipment Securely

It's easy to ignore security when we're getting rid of things. Whether we sell, recycle, donate, or just toss our devices away, it's all too easy to forget about the data they hold.

Unless we securely erase our devices first then our personal information is at risk of being found or recovered, whether by fraudsters who 'dumpster dive', accidentally (such as this huge error by the UK security service, MI6), or by determined criminals recovering thrown-out IT equipment.

See the details below for how to securely dispose of:


Computers

Computer

Over the years our computers accumulate many personal - and often sensitive - files and documents.

It's not only the obvious files too; there's a lot of "hidden" data on your computer that you don't normally see, such as your internet history or passwords that your web browser stores. Even files you think you've deleted often haven't actually been erased and can be recovered.

If you don't dispose of your computer properly there'll always be a lot of information about you that others could find. So how can we prevent this?

One way is to simply physically destroy your hard drive, although this can sometimes be harder to do than you might think. For home users our best option is to run some special erasing software on your computer.

Remember too - before disposing of your computer, always double check that any CDs, DVDs, or memory cards have been removed from the computer first!


Mobile phones

Mobile phones

Mobile phones these days can become obsolete quickly. What do you do with your old phone when you upgrade - do you keep it as a spare, binning it a few years later? Or do you recycle it, sell it, or donate it? (in other words just give it - and all your data on it - to someone else...?)

Phones can contain a lot of sensitive personal data - even if they're not thrown away until a few years later. Emails & text messages to loved ones? Personal photos (maybe even intimate ones)?

And think too - if you don't change your passwords often to sites such as Facebook or Twitter, you may also be giving other people access straight into those.

Even if you have a pin code set on your phone (always a good idea!) you can't always rely on this to protect your data.

So, before letting your phone go - wherever that's to - it's wise to always erase everything on it. Fortunately this is often easy to do.


CDs, DVDs, USB sticks, & memory cards

DVDs

DVDs, USB sticks, and memory cards (such as from your cameras) can contain a lot of highly sensitive information, especially if you've used them to backup your critical files.

Some paper shredders (see below) are capable of securely destroying CDs & DVDs; use these to destroy your CDs and DVDs first if you can! If you don't own a powerful-enough shredder though then it's often worth checking if your place of work will take them - most offices will have some way of disposing of their own CDs and DVDs, which you might be able to take advantage of.

Failing this, snapping your DVDs in half or smashing them up (be warned - they're surprisingly tough!) will prevent opportunists from reading your data; only determined identity thieves will bother using specialist equipment to recover broken CDs or DVDs.

For USB sticks and memory cards, you might be able to securely wipe the data on it using a secure erasure program before disposing of it. This is described above for securely erasing Computers, in "Method 1" part (d).

If none of this is applicble to you, then for peace of mind you can use a local specialist computer recycling firm to destroy your CDs, DVDs, USB sticks, or memory cards - check first that they meet a recognised secure destruction standard such as "BS EN 15713" (in the UK) or "NIST SP800-88" (USA).


Paper records

Paper documents

Sensitive paper records that should be securely destroyed include anything showing personal information or which can be used for proof of identity. This could be (amongst others):

  • Bank statements;
  • Utility bills;
  • Payslips;
  • Photocopies of passports or driving licenses, or;
  • Any legal or other financial records or correspondance.

Destroying sensitive paper records is easy - all it takes is a simple and cheap paper shredder to keep your personal information away from 'dumpster diving' criminals.

When looking for a shredder, it's best to get a "cross cut" shredder that cuts documents into smaller pieces. The UK consumer magazine "Which?" reviews shredders here.


Have any feedback on this page? Let us know - [email protected]