Removing Data from Computer and Electronic Storage Devices

Why should I be concerned about removing data?

Computers and other electronic devices store information on a variety of media. It is important to ensure that all licensed software and all University confidential (e.g., classified as internal use, restricted, or restricted-health) information is securely removed from such devices before ownership is transferred. Examples of electronic storage equipment include disk drives found inside computers, external disk drives, CD-ROMs, Zip disks, USB Flash drives, and memory cards.

What is the problem?

Commands such as delete and remove do not erase data, they simply remove the directory pointers to the data’s location on the physical storage media. Emptying the Recycle Bin or Trash Folder also does not erase files. Similarly, fdisk and format commands modify the file system but do not actually remove data from the disk.

How should I remove data?

In order to securely remove data from a device, disk wiping programs have been developed. These programs repeatedly write a (usually random) series of 1s (ones) and 0s (zeroes) over the storage media, in an effort to securely erase information contained on the storage media so that it is not recoverable. Many disk wipe programs let you decide how many times to overwrite the storage media. The best practice is to use from three to seven passes. For transfers within UNC-affiliated departments, a single pass wipe is sufficient.

It is recommended that you destroy media that cannot be wiped, such as CD-ROMs, inoperable/broken disk drives, DVDs, tapes, or other damaged media devices.

Disk Wipe Programs

A short selection of disk wipe programs is listed below. Please note that UNC does not specifically endorse any of the programs and does not have any business relationships to any of the vendors listed.

Software programs that can be used to overwrite media include:

Hardware solutions that can be used to overwrite media include: