Appendices

A list of appendices for device sanitization procedures

Appendix I - Mobile Device Sanitization Procedures

iOS: Apple iPhone and iPad

• Select 'Settings > General > Reset > Erase All Content and Settings' menu.
  1. “Erase all content and settings” option in Settings destroys all of the encryption keys in Effaceable Storage, thereby rendering all user data on the device cryptographically inaccessible.
  2. Important: Do not use the “Erase all content and settings” option until the device has been backed up, as there is no way to recover the erased data.
• Refer to Apple's iOS Security Guide for more detailed information.

Android OS

• Perform a factory reset through the device's settings menu.
  1. For example, on Samsung Galaxy S5 running Android 4.4.2, select settings, then under User and Backup, select Backup and reset, then select Factory data reset.
• Refer to Google's Android documentation for more detailed information.

Windows Phone OSA7.1/8/8.x

• In the App list, tap Settings:
  1. Tap About, and then tap Reset your phone.
  2. You'll receive two warnings. If you're absolutely sure you want to restore your phone to its factory settings, tap Yes, and then tap Yes again.
  3. It might take a little while for the process to complete.
• Please note that after the process is completed, all of your personal content will disappear.

Other devices

• Manually delete all information, then perform a full manufacturer's reset to reset the mobile device to factory state.
• Refer to device manual for more detailed instructions.

Appendix II – Individual File Sanitization Procedures

* See Flash Memory section below for special requirements pertaining to solid state memory / SSD.

Mac OS X

• On Mac OS X prior to version 10.11: Use Secure Empty Trash.
• On 10.11+: Secure Empty Trash has been deprecated due to the increased prevalence of SSDs on Macs (see below). There is no replacement equivalent functionality. Make sure your Mac is whole disk encrypted.

Windows

• Use SDelete: https://technet.microsoft.com/en-us/sysinternals/bb897443.aspx

Linux

• Use Shred: http://linux.about.com/library/cmd/blcmdl1_shred.htm

Appendix III – Flash Memory Sanitization Procedures

ATA Solid State Drives (SSDs) (including PATA, SATA, eSATA, and SCSI)

• Ensure that TRIM is enabled on the drive and in the operating system, then delete all files and folders:
  • Mac OS X: http://www.mactrast.com/2013/11/enable-trim-ssds-os-x-mavericks
  • Windows: Open a command prompt and run the following command: “fsutil behavior query disabledeletenotify”
  • “DisableDeleteNotify = 0” means that Windows TRIM commands are enabled.
  • “DisableDeleteNotify = 1” means that Windows TRIM commands are disabled. To enable, run: "fsutil behavior set disabledeletenotify 0"
  • For more information on TRIM, see http://articles.forensicfocus.com/2014/09/23/recovering-evidence-from-ssd-drives-in-2014-understanding-trim-garbage-collection-and-exclusions/


AND

• Overwrite the full drive with at least two write passes to include a pattern in the first pass and its complement in the second pass. Verify that the data was overwritten. Recommended product: BCWipe


and/or

• Physically shred the drive such that the resulting particles have a maximum edge length of 2 mm and a maximum surface area of 4 mm ².

USB Removable Media and Memory Cards

• Overwrite the full drive/card with at least two write passes to include a pattern in the first pass and its complement in the second pass. Verify that the data was overwritten. Recommended product: BCWipe


and/or

• Physically shred the drive such that the resulting particles have a maximum edge length of 2 mm and a maximum surface area of 4 mm ².

Appendix IV – Magnetic Media Sanitization Procedures

Magnetic disks (including floppy disks, ATA and SCSI hard disk drives)

• Overwrite the full drive with at least a single write pass using a fixed data value (such as all zeros). Multiple write passes and more complex values may optionally be used. Verify that the data was overwritten. Recommended product: BCWipe


and/or

• Degauss with a National Security Agency (NSA) approved degausser. Note that degaussing magnetic disks renders them permanently unusable.


and/or

• Physically shred the disk platters such that the resulting particles have a maximum edge length of 20 mm and a maximum surface area of 400 mm2.


and/or

• Incinerate the disk platters by burning in a licensed incinerator.

Appendix V – Optical Media Sanitization Procedures

CD, DVD, Blu-ray Disc

• Physically shred the optical media such that the resulting particles have a maximum edge length of 0.5 mm and a maximum surface area of 0.25 mm ².


and/or

• Incinerate the optical media (i.e., reduce to ash) using a licensed facility.