Consider the following list of guidelines when you develop a security policy for your site. Also, refer to Guidelines for Media Sanitization, NIST 800-88r1.
Do not re-purpose a system with sensitive data to a network that carries less sensitive data.
Clear and purge hardware disks before destroying them.
For hardware disk purging methods, see Managing Devices in Oracle Solaris 11.3.
For scrubbing a USB, run the dd command several times. You have a couple of options:
# dd if=/dev/zero of=/dev/sdx iflag=nocache oflag=direct bs=4096 # dd if=/dev/urandom of=/dev/sdx iflag=nocache oflag=direct bs=4096
For scrubbing solid state devices (SSDs), obtain OS-specific secure erase utilities from the vendor of your SSDs. You can also use a third-party scrubbing application, such as the sg_sanitize(8) utility.
Forbid the use of flash drives and USBs that could carry sensitive information off-site.