Skip to main content
Back to Blog
August 19, 2025Tech TipsBy Matt Johnson

Tech Tip Tuesday: Wipe Before You Recycle

Old laptops, smartphones, and hard drives hold more than outdated files. They often store sensitive business data, logins, and financial records. If you dispose of a device without wiping it, you risk exposing that data to cybercriminals.

Every year, millions of devices are traded in, donated, or thrown out - and many of them still contain recoverable data. A simple factory reset is not enough. Without a proper wipe, anyone with basic recovery tools can pull files, credentials, and sensitive records right off your old hardware.

Whether you're upgrading office laptops, retiring a fleet of smartphones, or decommissioning a storage server, a secure data destruction process is non-negotiable. Here's what you need to know.

What's Actually on That Old Device?

Most people underestimate how much sensitive information accumulates on a business device over time. A device that's been in regular use may contain:

Saved Credentials

Browser-stored passwords, VPN credentials, email logins

Business Documents

Contracts, invoices, financial records, client data

Email & Messages

Cached email, text messages, and chat logs

Security Tokens

Authentication cookies, MFA backup codes, API keys

Browser History

Visited URLs, auto-fill data, and session tokens

Cloud Sync Remnants

Locally cached copies of cloud files and photos

Real Risk

A study by the National Association for Information Destruction (NAID) found that 40% of used hard drives purchased on eBay contained personally identifiable or corporate information. A simple delete or factory reset does not remove this data - it only removes the pointer to it.

Wiping Windows PCs & Laptops

For Windows devices, the most secure built-in approach combines full-disk encryption with a complete reset, ensuring any recovered data is unreadable.

Recommended Method: BitLocker + Reset

  1. 1Enable BitLocker full-disk encryption (if not already active) - this encrypts all existing data
  2. 2Go to Settings → System → Recovery → Reset this PC
  3. 3Choose "Remove everything" and select "Remove files and clean the drive"
  4. 4This process encrypts and then wipes, making recovery virtually impossible

For Older or Non-BitLocker Systems

Use a third-party disk wiping tool such as DBAN (Darik's Boot and Nuke) or Eraser. These tools overwrite all drive sectors with random data, meeting DoD 5220.22-M or NIST 800-88 standards.

Note: DBAN does not support NVMe SSDs. For SSDs, use the manufacturer's secure erase tool or Windows' built-in reset with clean drive option.

Wiping macOS Devices

Apple devices with the T2 chip or Apple Silicon (M1/M2/M3) have hardware-level encryption enabled by default, making secure erasure straightforward.

For Apple Silicon (M1/M2/M3) and T2 Chip Macs

  1. 1Shut down and restart into Recovery Mode (hold Power button on Apple Silicon)
  2. 2Open Disk Utility → select the main drive → click Erase
  3. 3Use Erase All Content and Settings from System Preferences for a simpler one-step wipe
  4. 4This cryptographically destroys the encryption key, making all data permanently inaccessible

For older Intel Macs without a T2 chip, boot into Recovery Mode and use Disk Utility to securely erase the drive with the "Security Options" set to at least 3-pass overwrite.

Wiping Smartphones & Tablets

iPhone / iPad (iOS)

  1. 1.Sign out of iCloud (Settings → [your name] → Sign Out)
  2. 2.Settings → General → Transfer or Reset iPhone
  3. 3.Tap Erase All Content and Settings
  4. 4.iOS uses AES-256 encryption by default - erasing destroys the key

Android

  1. 1.Enable full storage encryption first (Settings → Security → Encryption)
  2. 2.Remove your Google account from the device
  3. 3.Settings → General Management → Reset → Factory Data Reset
  4. 4.Post-reset: enable encryption again, then reset a second time for maximum security

Retiring Hard Drives & SSDs

Traditional HDDs

  • Use DBAN or similar tool for multi-pass overwrite
  • DoD 5220.22-M standard: 7-pass overwrite
  • Physical shredding for maximum assurance
  • Certificate of destruction from a NAID-certified vendor

SSDs & NVMe Drives

  • Use manufacturer ATA Secure Erase command
  • Enable self-encrypting drive (SED) then cryptographic erase
  • Standard overwrite tools are less effective on SSDs
  • Physical destruction is the most reliable option for compliance

For Businesses: Build a Disposal Policy

For organizations handling sensitive data - especially in healthcare, finance, legal, or government - a documented asset disposition policy is often a compliance requirement, not just a best practice.

Your Device Disposal Checklist

  • Maintain an asset inventory tracking every device and its disposal method
  • Remove devices from MDM/EMM platforms (Intune, Jamf) before disposal
  • Revoke certificates and remove the device from Azure AD / Entra ID
  • Use a NAID-certified IT asset disposition (ITAD) vendor for bulk retirements
  • Obtain a Certificate of Data Destruction for each device
  • Document the disposal in your compliance records (HIPAA, PCI-DSS, SOC 2)

Compliance Note

HIPAA, GLBA, PCI-DSS, and NIST 800-88 all have specific requirements around media sanitization. Failure to properly dispose of hardware can result in breach notifications, fines, and audits - even if the device was never reported stolen.

The Bottom Line

The cost of properly wiping a device is minutes of effort. The cost of a data breach from an improperly disposed device can be six or seven figures - plus the reputational damage that follows.

Before your next hardware refresh or device donation, make secure disposal part of the checklist - not an afterthought. When in doubt, physically destroy the storage media.

About SOClogix

SOClogix provides 24/7 managed security, endpoint protection, and compliance support for SMBs and mid-market organizations. Our team helps businesses build policies, manage devices, and stay ahead of security risks - including the ones that come from retiring old hardware.

Matt Johnson

Matt Johnson

CEO & Founder, SOClogix

Full bio →
Data DisposalDevice SecurityTech TipsHIPAAComplianceHard DriveSecure Erase