Trusted by over 400,000 with their insurance needs
Our service is rated ‘Excellent’ on Feefo
Over 2000 insurance specialists ready to support you
Bytesized Cyber - How to dispose of old devices without leaking data
Bytesized Cyber - How to dispose of old devices without leaking data
The cyber threat landscape is rapidly evolving. It is becoming more sophisticated and impacting not only individuals but businesses as well. To help you stay one step ahead of cybercrime, we’ll be exploring a different aspect of cyber security each month of 2025 in our bytesized series.
This month’s focus is on how to dispose of old devices without leaking data.
Did you know that deleting a file from your device doesn’t fully erase it from your computer? It can easily be retrieved with the right hands.
Fully destroying data takes time, effort and practical knowledge. New figures released by the ICO, revealed that 29% of adults do not know how to erase data securely from their old devices. Around 75% of UK adults have at least one old device that they refuse to part with. 1 in 5 of that 75% have admitted they are keeping it as they are worried about their personal information. When letting go of your old technology, you must erase all personal information. This includes:
- Banking information
- Passwords
- Emails and text messages
- Contact names and email addresses
- Photos
- Internet search history
The risks of not disposing of your data securely
Failing to dispose of your data securely can lead to numerous problems. For example:
- You no longer have control over your data.
- You do not know where this data has been shared.
- People (or from a business perspective, competitors) can recover the data and use it against you.
- If you have intellectual property, it could be recovered and distributed without your consent, which could impact your revenue streams.
- It could be used to commit identity fraud or other illegal activities.
How to securely dispose of old devices without leaking data
Step 1: Back up important data
Before you delete your data, back up anything that you want to keep such as photos, contacts etc. onto your new device or external hard drive. The backing-up process will vary depending on the model of the phone but generally, anything that you want to keep, you should back up.
Step 2: Remove any memory cards from the device
This is especially important if you want to sell the device. Make sure to hold onto the memory card.
Step 3: Log out and deauthorise accounts
Once you have backed up all your data, sign out of all your accounts on your old device. This includes any apps, especially banking and emails.
As you log into these apps on your new device, we recommend changing the login information to make it harder for any hackers to track if they get their hands on your old device.
You should also unpair any devices linked to your device via Bluetooth and delete all your stored credentials on any websites.
Step 4: Encrypt your data
Using an encryption key to scramble the information’s true meaning will make any data left on your device unreadable. How to do this will vary by device, so it is best to look at your specific model’s instructions.
Step 5: Perform a factory reset
The NCSC recognises that doing a factory reset will not prevent a determined expert from being able to recover some of the data. Still, it will prevent most people from gaining access to it.
Don’t forget that many IoT devices such as printers, smart TVs, routers and e-readers have factory reset facilities too and these can also store data.
Step 6: Use an eraser tool
As discussed earlier, when deleting a file, it simply means that the storage space the file was utilising is now available to be overwritten by another file. It is only when that space is used again that the file is overwritten and gone from viewing.
To properly remove all your files, you can use wiping software to delete and replace them at least once to ensure they are thoroughly destroyed.
Step 7: Remove SIM card
If applicable, remove your SIM card from the device. It's advisable not to throw it in the bin and not to sell it. You can either reuse it in your next device or you should fully destroy it by cutting through the microchip with a pair of scissors, in the same way you would dispose of a bank card.
Step 8: Perform a secure sanitisation (if necessary)
Usually, when data is deleted from a device, it can be easily recovered. With sanitisation, the media is professionally ‘cleansed’ so the data is removed from the device and cannot be recovered.
Click here to view the National Cyber Security Centre’s in-depth guide on secure sanitisation and the risks associated with it.
Step 9: Decide what you want to do with your, now-cleaned, device
Now that you have a fully secured device, the only thing left to decide is what you want to do with it. Will you trade it for a new phone? Or sell it and make some extra cash off it? Do you want to donate it to charity? Do you want to recycle the device?
Whatever you decide to do, have peace of mind knowing that your data is secured.
To access our handy reference guide click here
Worried about cyber-crime?
When it comes to cyber-crime, many SMEs don’t have sufficient cyber insurance. But the reality is, the risk of cyber-crime to your business far outweighs many other risks that you would cover for without a second thought. It’s time to get real about the risk of cyber-crime. Talk to our cyber team to find out more. Get in touch on 0330 029 5231 or to visit our cyber page.
About the author
Alison Wild BCom (Hons), FMAAT, MATT, Taxation Technician is a highly respected industry professional who has been working with and advising SMEs in areas including tax, pensions, insurance and marketing for over 25 years. She is a Fellow member of the Association of Accounting Technicians (AAT) and Association of Tax Technicians (ATT) and also has 20 years' experience as a residential landlord.
Consistent with our policy when giving comment and advice on a non-specific basis, we cannot assume legal responsibility for the accuracy of any particular statement. In the case of specific problems we recommend that professional advice be sought.
Sources
Resources
- https://www.ncsc.gov.uk/collection/device-security-guidance/managing-deployed-devices/erasing-devices
- https://www.ncsc.gov.uk/guidance/secure-sanitisation-storage-media
- https://retrievr.com/how-is-wiping-your-data-different-than-deleting-it
- https://www.which.co.uk/reviews/mobile-phones/article/how-to-recycle-your-mobile-phone-a4RH90q3yNtT
- https://heimdalsecurity.com/blog/data-protection-sell-your-phone/
- https://www.forbes.com/sites/kateashford/2015/07/31/old-phone/
- https://ico.org.uk/for-the-public/online/deleting-your-data-from-computers-laptops-and-other-devices/
Date: January 27, 2025
