Before disposing of any device or media, you should take steps to make sure you have removed all personal and other sensitive data from it. Vulnerable data that might be stolen from a device could include your bank or investment account number and password, your credit card numbers, information in databases, spreadsheets, tax software, and data from research projects.
If you use your personally owned device to access or work with sensitive U-M data, you are expected to secure it in compliance with Security of Personally Owned Devices That Access or Maintain Sensitive Institutional Data (SPG 601.33).
- Your Responsibilities for Protecting Sensitive Data When Using Your Own Devices. Guidance on use of personal devices with sensitive U-M data.
Personal Devices With or Without a U-M Stipend
Properly deleting U-M files and data and secure erasure of personal devices at end-of-life or before transfer are important steps in reducing the risk of unauthorized disclosure of sensitive institutional data or personal information.
SPG 601.33 has a provision that states: Data Return/Deletion: Users shall return or delete sensitive institutional data maintained on personally owned devices upon request from the University or when their role or employment status changes such that they are no longer an authorized user of that data.
U-M employees in departments that permit accessing sensitive U-M data on personal devices:
- Employees transferring from one U-M unit to another or leaving U-M entirely and keeping personal device: With the support of Unit IT, remove or delete U-M data, documents, databases, and licensed software specific to the unit by selective deletion rather than resetting to factory default.
- Employees preparing to dispose of a personally owned device:
- Should transfer or backup personal files, data, photos, etc. to new location if not already saved to cloud storage.
- Follow the steps in Erase Personal Devices Before Disposal.
Michigan Medicine Faculty, Staff, and Students who have personal devices using Intelligent Hub (formerly called Airwatch) should immediately report lost or stolen devices to the Michigan Medicine Service Desk at 734-936-8000. The Service Desk will assist with locking or wiping the device as needed.
Preparing your personal device for resale, transfer, or recycling? You should use Intelligent Hub to erase data from the device. There are two options for erasing data on your device:
- Enterprise Wipe. Removes all data that was put on there by Intelligent Hub, for example, Michigan Medicine Outlook Exchange email or any enterprise applications.
- Device Wipe. Removes ALL data on the device and returns it to factory defaults.
Before resale, transfer, or recycling, you should use the Device Wipe option on any device using Intelligent Hub.
For additional information, see Intelligent Hub-Security Considerations.
ITS Tech Repair offers Secure Device Sanitization services for individuals and U-M departments, as well as assistance moving data to a new device if needed.
See these how-to instructions for securely deleting data from university or personally owned computing devices and storage media.
- Securely Erase a Hard Drive with @ActiveKillDisk (Windows, Mac, Unix/Linux)
- iOS: Restore your iPhone, iPad, or iPod to factory settings (Apple)
- Android: See item: Before You Sell or Give Away Your Device… in the Management section of Secure Your Android Device
- Chrome: Use Powerwash to Erase Your Device. See: Before You Sell or Give Away… in the Management section of Secure Your Google Chromebook
Securely Delete Files from Computers
Physical Destruction of Devices or Media for Secure Disposal
When devices or drives are inoperable, it may be necessary to destroy them to ensure secure disposal. Destruction may also be required by some laws or regulations governing certain types of data. See Destroy Devices and Media for instructions.