IT Security Standard: Computing Devices - Decommissioning and Data Disposition
Required
All Devices
- A computing device connected to the campus network must be in compliance with campus standards, even if it is no longer being used for its intended purpose.
- Computing devices must be removed from the campus network in a timely way when no longer in use.
- Appropriate system and network administrators must be notified of the computing device removal to ensure appropriate configurations changes to those systems and networks.
- Disposition of a computing device and/or data must adhere to the Disposition of Protected Data Standard and University Property Control Procedures.
- Data on storage media must be
- rendered unreadable before requested for survey.
- rendered unreadable before transfer to another organization, either internal or external to the university, for reuse or repair.
- kept in a location limited to authorized personnel while awaiting processing to render the storage media unreadable.