When our PCs, laptops, phones, and other devices need to be replaced, disposing of them in a way that does not pose a data security risk is especially important. Here are some tips on how to dispose of devices securely.
Backup
Before you begin the disposal process of your device the first thing to do is to make sure that you have a backup of all your important files and data.
Backing Up Your PC
To back up your PC, you could use:
– An external hard drive e.g. WD MyBook Duo, Toshiba’s Canvio, LaCie Porsche Design (good for Macbooks). Many other options are, of course, available. If you have Mac, make sure your chosen external hard drive is Mac compatible.
– A cloud-based backup service, such as Dropbox, Google Drive or Box. These have large amounts of free storage plus, for a relatively small fee you can buy more storage space if needed. For example, Box gives you 10GB of file storage for free, Google Drive gives you 15GB of storage for free, OneDrive gives you 5GB of free storage space, and Apple iCloud gives you 5GB free.
Transfer Files To A New Computer
If you have already purchased a new computer, you may wish to transfer the files from the old straight to the new, although having an updated cloud backup of your work and critical files is good practice anyway.
Sign Out Of Online Accounts
With everything backed up safely, the next step is to make sure that you know login details for (and have signed out of) any online accounts on the old computer. For example, these services/apps could include Facebook, Twitter, Google, Apple and Microsoft.
Wipe The Hard Drive
The next step is to wipe all traces of your data and activity from the hard drive. For those who are planning to wipe the hard drive of a computer that belongs to your employer/the company you work for you will need to first check what the company’s recommended policy or procedure is for doing so, and to check that your actions will be compliant with data protection laws e.g. GDPR.
Wiping the hard drive can involve a number of steps and options, including:
– Delete or overwrite files using software that meets guidelines for secure deletion e.g. File Shredder, Eraser or WipeFile. If you have an older Mac with a hard drive try Secure Empty (Trash option Finder > Secure Empty Trash) but for OS 10.11 and higher and Windows PCs with SSD drives, the drive will need to be encrypted. Although this type of software provides a relatively easy and simple solution, it may take some time to overwrite multiple times.
– Drive Encryption. For PCs, this can be found in Settings > About and Drive Encryption or Bitlocker Settings. For Macs, this can be done via System Preferences > Security & Privacy.
– Deauthorise the computer with relevant accounts. For example, some SaaS accounts (Microsoft 365) and entertainment accounts such as iTunes only allow you to use a certain number of authorised, named devices. If you are getting rid of your device you will need to de-authorise this device with those accounts, thereby enabling you to authorise another device/a new for use in its place with those accounts.
– Delete browser data. Since browsers save information about your browsing history and can store usernames, passwords, and other sensitive personal data, the next step is to delete your browser history, and to make sure that you are signed out of your browsers. For example, to clear your history in Microsoft Edge, go to the three dots (top right) open the browser menu and go to Settings > Privacy & security and select “choose what to clear”, making sure that all checkboxes are selected so everything gets removed. The same will need to be done for all other browsers e.g. Chrome, Firefox, and Safari.
– Uninstall programs. Some programs contain personal data and, therefore, need to be uninstalled.
– Macs (macOS) restart, coupled with Option+Command+R. The process for of wiping the hard drive for Macs is to erase and reinstall the operating system. To do this, go to Apple menu > Restart and, just as it reboots, hold down Option+Command+R until the spinning globe appears. Then, release the keys, choose Reinstall macOS, choose Continue, and follow the instructions.
– Windows PC reset. For a Windows PC, go to Settings (app), click on Update & Security, click on Recovery, choose Get started under the Reset this PC option, and remove all personal files during the process.
– Chromebook factory reset. To wipe your Chromebook, sign in to the Chromebook with the owner account, from the taskbar, click on Settings > Advanced > Powerwash > Restart. When the Chromebook restarts, select Powerwash and click on Continue.
Destroy The Hard Drive
Before recycling a computer, some experts recommend destroying the hard drive in order to be absolutely sure that any sensitive data stored on it cannot be recovered. This can be achieved by removing the hard drive and e.g. hitting it with a hammer or drilling holes in it.
To remove the hard drive, disconnect the PC from its power source, open the casing and locate the hard drive, which generally connected to a SATA data and power cable (or to a flat, wide IDE cable in much older computers), and remove the hard drive from its housing by undoing the screws.
If the device is on the premises of your business at the time, you will need to ensure that care is taken in order to comply with health and safety regulations if trying to physically destroy the hard drive.
Laptop
As with a PC, make sure all important files are backed up, accounts are signed-out of, de-authorisation is completed, and browser data is removed. With laptops, use software to erase the data e.g. File Shredder or Eraser, and remove the hard drive, while taking care to avoid and damage to the inside of the laptop. There are many online guides and videos to help with the removal of laptop hard drives.
Tablet
After backing up your important files and data, the best method for preparing to dispose of a tablet in a way that maintains data security is to use a full factory reset. To do this, tap the app drawer and find the Settings icon, select Backup and reset (left-hand side), uncheck the Back up my data and Automatic restore checkboxes (right-hand side), select the Factory Reset option and follow the instructions. As a ‘belt and braces’ option, select the app drawer, select Settings, select Storage (left-hand side), select Miscellaneous files (right-hand side), select the checkboxes for folders and select dustbin.
Phones
Our phones contain vast amounts of personal data and potentially sensitive company data. It is, therefore, extremely important to dispose of them in a way that does not compromise the security and privacy of yourself, your business/your employer, or any stakeholders and contacts.
Back-Up
Firstly, ensure that you have backed up your phone contacts. After backing up your important data the process is:
For Android
Most up-to-date android phones have a microSD card where the phone’s data is stored. Remove the back of the phone, remove the battery, and remove the microSD card. This can be used in your replacement phone. You will also need to remove your SIM card.
If you need to wipe a microSD card, you can attach it to a laptop (with a USB cable), open ‘My Computer’, locate the microSD card, select all files stored on it and click delete.
For iPhones
An iPhone has an in-built way to return it to its factory default settings, thereby removing your personal data. To do this, go to General, Settings, Reset, and Erase All Content and Settings. This will require you to enter your username and password, and you will be given the chance to update your iCloud backup before you go ahead with the erasing as part of this process.
Data Wiping Company/Charity
Another option is to simply use a trusted third-party data wiping company or charity to professionally clean all data from your devices, hard drives, network routers, switches, and servers. Examples include WeeeCharity, PC4 Recycling, Secure IT Services and Medecon although there are many other similar services. Your IT Support Company may also be able to provide these services or recommend a company in your area. Contact your IT Support Company for details.
Afterwards
After you have wiped your device, and depending on whether the device belongs to you or the business/organisation/your employer, your options may be:
– Recycle the device. Many recycling centres, for example, take old PCs.
– Sell the device. You could choose to sell the device privately online e.g. eBay, Gumtree or Facebook Marketplace, or to a private company that buys devices e.g. Mazuma, Music Magpie, WeBuyAnyPhone or others.
– Donate your device to a charity e.g. Computer Aid International, Turing Trust or IT For Charities.
– Donate your device to a local school, centre, or Freecycle network.
In any case, if the hard drive has been removed, you will need to inform the person, or organisation that you are selling or donating the device to.
N.B. You may wish to consult your IT support company first as they may be able to provide data wiping and IT equipment recycling services or put you in touch with a good service near you.
Important
It is surprising how much personal and sensitive data we store on our devices, so following proven procedures to make sure personal and company data is removed from devices before selling them, recycling them or donating them is a very important consideration for businesses and individuals. As person’s and businesses circumstances are different, please get in touch before disposing of any IT equipment for a detailed and appropriate course of action, specific to your requirements.