Cleaning up your Personal (BYOD) Computer When Leaving UCSF
The only way to ensure ALL UCSF data has been removed is to securely reformat (ERASE) your hard drive and any devices that contain storage (USB thumb drives, external hard drives, smartphones, tablets, etc). This is not the same as simply deleting files or performing a "factory reset". Please contact your computer vendor for support. If you cannot do that, please use instructions below to ensure you remove all UCSF information, applications, and tools.
Securely Removing Restricted Data
If you stored restricted data on a device, you must securely wipe the device's storage or securely delete files that contain restricted data. A secure wipe or secure erase requires writing over restricted data multiple times to make recovery infeasible or impractical. If you are unsure of where restricted data exists, the safest thing to do is assume it exists everywhere and act accordingly.
If your device was encrypted: Reformatting it or performing a "factory reset" without first decrypting it is usually equivalent to securely wiping its storage.
If you never encrypted your device, decrypt your device, or leave it encrypted after leaving UCSF: You must securely delete any and all restricted data.
To securely wipe a drive, you can use:
- Dariks Boot and Nuke http://www.dban.org/
- Disk Wipe http://www.diskwipe.org/
- Use Apple's Disk Utility to securely erase a disk (7-Pass Erase) https://support.apple.com/kb/PH20569?viewlocale=en_US&locale=en_US
- UCSF IT's drive destruction service http://it.ucsf.edu/services/drive-tape-and-data-destruction
To securely delete files, you can use:
- Heidi Eraser http://eraser.heidi.ie/ (Windows)
- Delete the files and use Apple's Disk Utility Secure Erase feature (7-Pass Erase) https://support.apple.com/en-us/HT201949 (Mac)
- Wipe Free Space http://wipefreespace.sourceforge.net/ (Linux and Mac)
- PGP shredder (Windows - https://support.symantec.com/en_US/article.TECH149789.html) or PGP Shred (Mac - https://support.symantec.com/en_US/article.HOWTO41908.html)
These programs are not supported by UCSF and are only listed here as suggestions. Any use of these programs is done at your own risk.
Leaving UCSF and how to “clean up” your personal computer
When you leave UCSF, UCSF data should not leave with you. This includes but is not limited to:
- Any UCSF data, especially restricted data such as PHI (Protected Health Information) and PII (Personally Identifiable Information)
- UCSF system information (application and system usernames and passwords)
- UCSF computer applications
- UCSF network settings (saved UCSF WiFi settings)
Please check the following common locations and permanently delete the data. Common locations for UCSF data:
- Email. Not just the inbox, check your sent items, deleted items, as well as any local PSTs you may have created during backups and archiving.
- Documents folder
- Downloads folder. When you download attachments, files from UCSF web applications and other external locations, they are by default saved into this directory.
- External drives. Any external drives used to store and\or backup data should be reviewed and any UCSF data removed.
Pay extra attention to the following file types as they are most likely to contain data:
- Office files (.xls, .xlsx, .doc, .docx, .ppt, .pptx, .pdf)
- Email files (.pst, .msg)
- Pictures (.tiff, .jpg, .jpeg, .bmp, .png)
You can use the search function on your machine to look for a list of any of the listed files types. (example, search for *.pdf to find all PDFs saved on your system).
If you have saved any passwords to UCSF data or systems please delete them. The following locations are common places passwords are saved:
- Web browser. In your web browser (example, Internet Explorer, Chrome, Firefox) go into the settings and remove any saved passwords used to access UCSF resources.
- Local files. Some users store passwords in files such as text documents, Word, or Excel. Please review these locally saved passwords and remove all UCSF passwords from these lists.
- Password managers. If you are using an application that remembers and stores your passwords, please review this and remove all UCSF passwords from these applications
UCSF System Information
If you have any documents that describe UCSF systems, permanently delete these files. Some files that may contain restricted UCSF system information are:
- Application install guides and user manuals
- System or network diagrams (explaining how a system is setup or functions)
UCSF Computer Applications
On a Windows machine, open control panel and the programs and features. Please look through this list and remove any UCSF software that you will no longer be using post your departure.
On a Mac, look in your applications folder remove any UCSF software that you will no longer be using post your departure
UCSF Network Settings
Open your network settings on your system and remove any saved connections to UCSF networks. Examples of these connections are:
- UCSF wireless networks (UCSFwpa, UCSFguest)
- UCSF VPN connections
Contact the IT Service Desk at https://ucsf.service-now.com/ess/home.do or 415-514-4100 to remove any UCSF computer management software (BigFix, Casper) and to unencrypt your device.