InfoSec / Cyber

    You are here:  
  1. Home
  2. InfoSec / Cyber
  3. October 20. Hardware: Safe disposal
"A graphic announcing 'October is Cyber Security Awareness Month,' with text explaining the importance of creating a cyber emergency contact list in preparation for a cyber attack. It also includes a 'Cyber tip' to assess passwords, turn on MFA, and review critical accounts, especially email. A shield icon with a checkmark and a lightbulb icon are visible."
Information/Cyber Security

October 20. Hardware: Safe disposal

When upgrading your tech or getting rid of old devices, simply deleting files or formatting a hard drive is often not enough to truly erase your data. Safe disposal of hardware is a critical, yet frequently overlooked, aspect of cybersecurity. If sensitive personal or organisational information remains recoverable on old devices, it can easily fall into the wrong hands, leading to identity theft, financial fraud, or severe data breaches.

Why is safe disposal important?

  • Data Recovery: Deleted files aren't truly gone until they are overwritten multiple times. Data recovery tools can often retrieve information from simply "deleted" or "formatted" drives.

  • Sensitive Information: Old computers and phones can contain everything from banking details and passwords to confidential work documents, health records, and private photos.

  • Compliance: For businesses, improper disposal of hardware can lead to violations of data protection regulations (like data protection) and significant fines.

  • Reputational Damage: A data breach originating from improperly disposed hardware can severely damage an individual's or organisation's reputation.

How to safely dispose of hardware:

  1. Backup Your Data: Before doing anything else, ensure all important data you want to keep is securely backed up to a new device or cloud storage.

  2. Perform a Factory Reset: For smartphones and tablets, perform a factory reset. This wipes most user data, but for ultimate security, it's often not enough on its own.

  3. Secure Data Erasure (Data Wiping):

    • Software-Based Wiping: For hard drives (HDDs) and solid-state drives (SSDs) in computers, use specialised data wiping software. These programs overwrite the entire disk multiple times with random data, making the original data unrecoverable. Ensure the software is designed for your specific drive type (HDDs and SSDs require different methods).

    • Degaussing (for HDDs): For traditional spinning hard drives, a degausser uses a powerful magnetic field to permanently erase data.

  4. Physical Destruction:

    • Shredding/Crushing: The most fool-proof method for hard drives and other storage media is physical destruction. For individuals, this might involve using a hammer or drilling holes (though this still carries some risk and should be done safely). For organisations, use professional data destruction services that provide certified destruction and recycling.

    • Breaking Screens/Components: For phones and tablets, simply smashing the screen won't erase data. The storage chips need to be physically destroyed.

Schools and colleges should review both the DfE Laptop, Desktop and Tablet Standards and the Server Storage Standards for further advice about safe disposal and the requirements to meet the standards.  Our customers can track their progress using our DfE Digital Standards tracker tools which can be included in any Compliance Reporting.

Never just throw old devices in the bin. Always opt for methods that guarantee data irretrievability. Protecting your data extends beyond its active use; it includes its complete eradication at the end of its life cycle. 

We have resources, support, guidance and trackers to help you assess and monitor where you are with the standards: https://digitalstandardstracker.co.uk/ 

Confidential data doesn't stop being confidential just because you no longer need it!

💡Today's Cyber Tip: Find Your Local E-Waste Recycling Centre!

Today, look up your local electronic waste (e-waste) recycling centre or certified data destruction service. Knowing where to go for proper disposal is crucial for future hardware upgrades.

Review: NCSC Acquiring, managing, and disposing of network devices.

Review: ICO Deleting your data from computers, laptops and other devices

DPE Knowledge Bank Guidance and Support:


For schools and colleges, six of the DfE Digital Standards are now mandatory. We have a DfE Digital Standards Tracker tool help you track your cyber resilience and your progress: 

   

Review our Cyber Security Best Practice Area for micro learning, support, guidance and policies:



Why not have a look at our 'specialist' trainer Harry the Hacker :

©2025 Data Protection Education Ltd.

Search