Endpoint Equipment Disposal

Introduction

Endpoint device hard drives should be wiped before disposal. If they are not, VT data may be exposed to whomever obtains the device. Endpoint devices typically have at least one physical hard drive and possibly more drives configured in a logical RAID array. This procedure covers how to wipe each physical hard drive. Before following this procedure, you must know how many hard drives are in the device.

Procedure

1. Make sure to copy all the files that you wish to keep from the device.
2. Download the latest Debian ISO image and copy it onto a CD, DVD or USB stick. Follow the Debian instructions on how to do this.
3. Set the device to boot from CD, DVD or USB.
4. After booting Debian, wipe each physical hard drive using this command.

   $ dd if=/dev/urandom of=/dev/YOUR-HARD-DRIVE-LABEL bs=1M
   

5. The process may take anywhere from several hours to several days (depending on the size of the hard drives).
6. Once the process is complete, remove the CD, DVD or USB Drive, run this command, wait for it to finish, then power off the device.

   $ sync
   

7. Install Debian on the device. Use full disk encryption to encrypt all the drives. Be sure to select a long, random encryption password.
8. Surplus the device by following the instructions on the Surplus Procedures web page.

Other

If you have questions that are not covered in this procedure, please contact the VT IT Security Office itso@vt.edu for a consultation.