A few weeks back, I worked with the SH&BA to publish guidance on the Security of your Smart Home.
Shortly before we went to print I sold my car, and suddenly realised there was a big gap in the document.
Before disposing of any asset that has connected to your home network (phone, laptop, smart lightbulb, car…), make sure you delete all configuration information:
- Car: remove Bluetooth pairing and delete any downloaded address books (I remembered this just in the nick of time before I handed my car over to the new owner);
- Phone: remove memory cards, perform a factory reset;
- Smart device (kettle, lightbulb etc.): perform a factory reset;
- Laptop: delete personal data !?!
This last item is where I need help from readers of Cyber Matters. How can you do this easily and effectively? Options I can think of…
- Delete personal files (My Docs, Browser History) – is this sufficient, we know deleted data can be recovered.
- Augment 1) with “now fill the drive with random data to overwrite deleted files”, for example, keep copying a music file until the disk is 100% full.
- Use a secure delete tool. What recommendations do you have for an easy to use one?
- Encrypt the full hard drive, and throw away the key – hard for the non-technical savvy. (This will also destroy the operating system – if passing to a new owner, they may have an issue with this).
- Send the PC to a secure disposal facility. What companies have readers tried?
Secondly, while “factory reset” will be acceptable advice for many for a smart phone and smart devices, it is not infallible. Do you need to physically destroy the device? (How do you do this safely?). What if you are passing to another user for second hand use – is there an equivalent to “fill the disk with random data”?
The more I think about all of this, disposal is really hard, especially if you wish to pass the device to the second-hand market.
Please provide your advice in the comments section below.