Highline College

Connect with Highline College

Winter quarter starts Jan. 6. Class enrollment is now open to all current and new students. View the class schedule and enroll today.

1.4 Equipment Disposal Standard

Home/IT Security/IT Security Policy/1.4 Equipment Disposal Standard
1.4 Equipment Disposal Standard 2024-03-25T12:16:18+00:00

1.4 Equipment Disposal Standard

 

1.4.1. Overview

Technology equipment often contains parts which cannot simply be thrown away. Proper disposal of equipment is both environmentally responsible and often required by law.  In addition, hard drives, USB drives, CD-ROMs and other storage media contain various kinds of Highline College data, some of which is considered sensitive. In order to protect our constituent’s data, all storage mediums must be properly erased before being disposed of.  However, simply deleting or even formatting data is not considered sufficient. When deleting files or formatting a device, data is marked for deletion, but is still accessible until being overwritten by a new file. Therefore, special tools must be used to securely erase data prior to equipment disposal.

 

1.4.2. Purpose

The purpose of this standard it to define the guidelines for the disposal of technology equipment and components owned by Highline College.

 

1.4.3. Scope

This standard applies to any computer/technology equipment or peripheral devices that are no longer needed within Highline College including, but not limited to the following:  personal computers, servers, hard drives, laptops, mainframes, smart phones or mobile devices, peripherals (i.e., keyboards, mice, speakers), printers, scanners, typewriters, compact and floppy discs, portable storage devices (i.e., USB drives), backup tapes, printed materials.

 

1.4.4. Standard

1.4.4.1

When Technology assets have reached the end of their useful life they should be sent to ITS for proper disposal.

1.4.4.2

ITS will securely erase all storage mediums in accordance with current industry best practices.

1.4.4.3

All data, including all files and licensed software shall be removed from equipment using disk sanitizing software that cleans the media overwriting each and every disk sector of the machine with zero-filled blocks, meeting Department of Defense standards.

1.4.4.4

No computer equipment should be disposed of via skips, dumps, landfill etc.  Electronic recycling bins may be periodically placed in locations around Highline College.  These can be used to dispose of equipment. ITS will properly remove all data prior to final disposal.

1.4.4.5

All electronic drives must be degaussed or overwritten with a commercially available disk cleaning program. Hard drives may also be removed and rendered unreadable (drilling, crushing or other demolition methods).

1.4.4.6

Computer Equipment refers to desktop, laptop, tablet or netbook computers, printers, copiers, monitors, servers, handheld devices, telephones, cell phones, disc drives or any storage device, network switches, routers, wireless access points, batteries, backup tapes, etc.

1.4.4.7

ITS will place a sticker on the equipment case indicating the disk wipe has been performed. The sticker will include the date and the initials of the technician who performed the disk wipe.

1.4.4.8

Technology equipment with non-functioning memory or storage technology will have the memory or storage device removed and it will be physically destroyed.

 

1.4.5. Compliance

1.4.5.1 Compliance Measurement

ITS will verify compliance to this standard through various methods, including but not limited to, periodic walk-thrus, video monitoring, business tool reports, internal and external audits, and feedback to the standard owner.

1.4.5.2 Exceptions

Any exception to the standard must be approved by ITS in advance.

1.4.5.3 Non-Compliance

An employee found to have violated this standard may be subject to disciplinary action, up to and including termination of employment.

 

1.4.6. Related Standards, Policies, and Processes

None.

 

1.4.7. Revision History

Date By Summary