Secure data removal

OIT and Materials Management have recently updated the Data Removal Procedures to include additional requirements to prepare electronic devices for surplus.

Pursuant to the procedures, before you decide to surplus any equipment or devices, you must:

  • Fully erase or destroy storage devices such as a computer hard drive and flash drive.
    Keep in mind that many types of devices contain storage media, including copiers, printers, phones, and other portable electronic devices.
  • Remove:
    • any device or firmware password such as Basic Input/Output System (BIOS) and Unified Extensible Firmware Interface (UEFI); or
    • device security measures such as a screen lock, PIN code, activation code, Touch ID, and Face ID.
  • Attach a label to the equipment signed by an NC State employee certifying:
    • storage devices are erased or removed; and
    • all security passwords or device security measures are removed.  

See Disposition of Property for details about how to prepare surplus labels.

These procedures allow the university to comply with multiple federal and state regulations, fulfill software licensing agreements, and maintain data security by reducing the exposure of sensitive data.

If you need assistance to meet these requirements, contact your local IT support personnel or asset management coordinator.

For additional information about these new updates, see Secure Data Removal at NC State.