Secure Destruction

Deleting files on your computer sends them to the recycle bin. Eventually you delete them and they're gone. The information's been removed from your computer, right? Well, not really. That information has simply been moved around to a part of your computer where you don't see it. If needed, you or someone else can recover those files. Someone with malicious intentions could also recover the files. When deleting information that isn't very important, say an old shortcut from your desktop, regular deletion is enough. However, when handling sensitive information, files need to be securely deleted. What follows are technical instructions on how to securely delete files. This is not an official University policy. For questions about Confidential Records Destruction, please refer to this page. If you have questions about what sensitive information you should have or about secure deletion policy, please contact your Frontline Support Provider.

When you no longer need to keep sensitive information, it should be securely destroyed. If the data is considered Personal Information under Massachusetts law once it is no longer needed it must be securely destroyed such that it cannot be read and cannot be recovered by any reasonable means. Additionally, you must destroy sensitive data if the physical device is leaving your care (e.g. to be transferred to a different department, to be donated to an outside organization, or to be sent back to the original vendor). If you decide that you need to destroy data securely, consider the recommendations below.

Digital Data

Either digital data must be overwritten with random data, or the physical media on which it is stored must be destroyed (or both). In either case, the data must be rendered unreadable and unrecoverable before destruction is considered complete.

• Stored Data

  You can use IdentityFinder to find and 'shred' sensitive data. This will overwrite the file with random data and then erase it from the filesystem. You can also use the free and open-source Eraser tool to securely erase files or to securely erase all the free space on a drive.

• Physical Media

  Hard drives, DVDs, and other physical media that contain sensitive information must be either fully wiped (e.g. with DBAN) or destroyed. You should always remove hard drives and wipe or destroy them if they will be leaving your care. You can also deliver the media to UITSC in TAB to have UIT destroy it. For information about hard drive destruction at Tufts, contact your Information Steward.

• Copiers

  Some copiers, scanners, and printers may keep internal copies of the pages that have been printed or scanned by the machine. Konika Minolta-managed copiers provide a wipe function that overwrites the entire drive sector by sector. If you manage a copier, you must use this function to wipe the drive before it leaves your care. For assistance, contact Purchasing to have the service provider remove and wipe the hard drive for you.

• Other Devices

  Printers and other devices may have hard drives in them as well. If it is possible that sensitive information has ever passed through these devices, the hard drive should be removed and erased or destroyed (in consultation with the equipment's vendor, if appropriate) before sending the hardware away or disposing of it. If the hard drive is not easily accessible, contact the vendor to request that they remove the hard drive and give it to you to securely erase.

Physical Data

For small volumes of data on paper, you can purchase and install a cross-cut shredder for a few hundred dollars. For larger volumes, please contact your Information Steward to work towards a shredding service.

Recovering Deleted Files

There are many tools available for recovering files which have been deleted from your computer. If you securely deleted the files, you will not be able to recover them. One tool which you can download is Recuva. Once you have downloaded the application, you can use it to search your computer for files you have already deleted. 

Download Recuva from the link provided. When prompted with the screen below, click yes.

Once the download is complete, open the Recuva desktop icon. You will see a screen that looks like this:

Follow the wizard instructions. You will be asked where in your computer Recuva should search. Either tell it to search the whole computer or choose a specific location.

The program will search for deleted files and will give you a results list of all the files it finds. From there, you can choose the files you would like to recover.

Shredding in Identity Finder

IdentityFinder for individual computers can be used to securely destroy files. This tool can search your whole computer for files which contain secure information, like social security numbers and credit card records. It can also be used to delete individual files containing secure information. In this example, we will securely delete one file. Visit the IdentityFinder FAQ for more help with running scans of your whole computer. If you have IdentityFinder installed on your computer, open the program and log in.

Click on "Tools" on the horizontal menu bar and then click on File Shredder.

The File Shredder will open the window shown below. Click on the ellipse to search for files. 

Next click "Users" then your name, then the area you want to look in. In this example, we are searching in "My Documents" in the "Secure Information" folder. When you have found the file you want to shred, click it then click OK.

You will be returned to the File Shredder page like this:

 

If you are sure that you have found the file you want to securely destroy, click "Shred." You will be prompted with this window:

Click "Yes" and your files will be shredded. The final window will alert you that your shredding has been successful.

Don't forget to log out of IdentityFinder before closing the window.

Secure Deletion for Windows

Windows does not have a built-in secure destruction tool, but there are many applications which can be downloaded for this purpose. One of these tools is Eraser. To download Eraser, click "downloads," then choose the version listed under "Stable Versions"

Once the download has completed, open the desktop shortcut. You will see this screen:

Click the small triangle next to Eraser Schedule. Then select New Task. In the window that opens, select Run Immediately and then click Select Data. 

This will open a browsing window. For "Erasure Method," choose "Pseudorandom Data (1 Pass)." Under "File" click "Browse" and find the file you want to securely delete In this example, we will delete "Secure Information" from "My Documents."

Click OK to add the file to the Data Set. When you press "OK," the file will be deleted. At this point, you will not be able to recover the file, so make sure that you have selected the correct file before pressing OK.

  

Secure Deletion for Macs

Macs have a built-in secure destruction tool. To securely delete files, put them in the Trash.

Then click on Finder. Choose secure empty trash.