Concerns about your business are never more founded then when it’s time to ensure data security in disposing of outdated or damaged technology. A surprisingly high number – 80 percent – of organizations admit to losing track of assets during the disposition process.
Such lack of control is not something your business can afford. There is tremendous risk in a do-it-yourself plan for disposal of assets or the destruction of any proprietary, confidential, or personal data. Added to this risk is the fact that this data is everywhere, hidden in places you (or your IT team) may not even have thought about or have the ability to sweep clean.
A recent study found that the average tech-savvy American carries three devices around, back and forth between home and work. When they connect personal, unsecure devices to secure work servers, they open up a potential avenue for attack. So ITAD data security is a real concern that every business must face.
Ensure ITAD Data Protection- A few basic to know
Does your ITAD plan leave you at risk? According to TechTarget: “An enterprise may believe that erasing the drives of a no-longer-needed storage array will provide sufficient protection. That array's controller head, however, contains network credential information.” So, essentially, erasing the hard drive simply does not offer adequate protection if data is also embedded elsewhere in the device — whether it’s in battery-backed cache, microprocessors, remote access cards, or a smart power distribution unit, just to name a few.
So, ask yourself some basic ITAD questions:
- Is your IT team equipped to securely dispose of your retired IT assets? Do they know where all the data is hidden and have the correct software to do a thorough sweep? A clean sweep is not a simple as it once was. An article in Computer Weekly magazine states that today’s technology is so complex and constantly evolving, that most internal IT departments cannot keep up with the latest data erasure software, locate and keep track of all assets, and provide fool-proof documentation of compliance with all environmental and government regulations.
- Is your IT team up to date on the minutiae of environmental and electronically stored data regulations? Not knowing for certain can cost you in substantial fines.
- Do you know with absolute certainty the location of every piece of end-of-life IT equipment? According to an article in Harvard Business Review, about four out of five corporate asset disposal projects typically result in at least one missing asset, and it only takes one to cause a data breach.
- Are you utilizing the disposition channel that yields the highest ROI for your products?
If any of these questions leave you feeling stressed or uneasy, then you need a fool-proof solution and a guarantee that your data in ITAD is secure at all times. Here are four basic steps you should take:
- Choose an IT reverse logistics partner that utilizes the correct data erasure software. This means it really is erased, even in hidden locations within a device. Sophisticated thieves know how to recover information that has not been properly wiped, leading to the skyrocketing average cost of a data breach ($3.5 million in 2014). WipeDrive is the only disk-wiping technology that has the seal of approval of the Department of Defense and has been certified to NIAP’s and EAL4+ standard. The technology also meets or exceeds all major certification and standards, including HIPPA, Sarbanes-Oxley, and the Common Criteria standard.
- Make certain that they have all the required certifications, which also helps ensure the highest standards of operation.
- Only choose a partner that can offer you general liability insurance. This insurance provides a written guarantee of your provider’s commitment to proper data destruction procedures and means you will not be vulnerable to regulatory fines or lawsuit payments if the provider was at fault.
- Your provider should keep you informed. Check your ITAD’s partner’s ability to provide automated updates. Will you be notified of the disposition results? Can you follow the progress of your items in real time? Your provider should be able to provide audit reports for each item by serial number and asset details.
Another viable concern in ITAD is how to best secure your ROI of old assets, once they are wiped clean of any security risks. Many people feel that damaged assets or inventory at the end of their life-cycle is just a cost of doing business. But, with the right strategic plan, these things could actually be a source of revenue.
By selecting the right consumer sales channels, brokered channels, and alternative remarketing venues, you can significantly improve your returns. You also need to build your online presence and seller ratings to attract as many potential customers as possible. Ask yourself if you have the in-house knowledge to accomplish this.
Your in-house IT team may believe they can handle the challenge of data removal, but many companies fail to pay attention to security the moment equipment is decommissioned. The last step of your IT asset management strategy needs to be handled with care and attention to security to avoid costly data breaches, legal penalties, and even public humiliation. Your safest choice is to turn the task over to the right ITAD partner, one with a proven track record that also offers insurance to guarantee that their work meets all regulations and that your data will remain completely secure.