The amount of electronic waste, known as e-waste, is increasing globally year-on-year. Driven by businesses digitally transforming, upgrading their equipment and systems and our desire to have the latest technology. It is the fastest growing waste stream in Australia, increasing three times faster than general waste to landfill.
Even the most critical of physical systems and digital devices within a business have an operational lifespan. However, even obsolete IT hardware has a value, much of which is within the data it contains.
This makes securely and efficiently disposing of IT devices essential. Failure to properly dispose of end-of-life IT equipment, can have serious consequences for your data, the environment, your brand reputation and your bottom line.
Businesses of all sizes need to establish a secure IT asset disposition (ITAD) policy. Fundamentally, this details a safe and sustainable approach to dealing with end-of-life IT assets from recycling, remarketing and compliant destruction.
An ITAD policy helps businesses to address and mitigate against key issues associated with end-of-life devices including data security and data privacy regulations. So, how should a business go about establishing a comprehensive and secure ITAD program?
Setting out the basics
The first step is to establish a decommissioning strategy. To be fully effective, this should cover the compliant disposal of retired hardware and the destruction of data. Bringing together IT, information security and office management, with oversight from senior executives will help to ensure it is robust and is applicable to all sectors within the business.
Next, it is vital to ensure that all data stored on old hardware has been permanently eradicated and is non-recoverable. Given the importance of this step, and the potential for financial and reputational risk, working with an accredited third-party disposition expert is recommended.
Third, ensure that you know the whereabouts of your assets throughout the entire disposition process. A secure chain of custody is essential in demonstrating compliance. This includes asset itemisation, GPS tracking and protected transportation, all backed up with supporting documentation. Having a secure chain of custody is critical because it ensures that the IT assets are tracked during each step of the process from pick-up to final disposition.
Building the business case
Building a business case for a secure ITAD program will not only help to ensure buy in but will also facilitate compliance. Based on measurable benefits, the business case should identify what it might cost an organisation if its data was compromised. With the potential to cause long-lasting financial and reputational damage, choosing to implement a secure ITAD program is the easy answer.
As the fastest growing waste stream and a major part of our environmental footprint, developing and implementing an ITAD policy can also be tied to corporate and social responsibility objectives. According to research from Iron Mountain, 60 per cent of medium- and large-enterprises do not have a secure ITAD program. Therefore, publicising an organisation’s ITAD achievements is an opportunity to showcase the benefits of having secure, end-to-end control of your IT assets and the data contained within.
Ironing out the problems
What at first might seem reasonably straightforward can actually get quite complicated which is why many businesses work with an accredited third-party secure ITAD partner. Either way, a secure chain of custody is required. Having a complete record of where IT assets went, and what happened to them, is required to establish that the process was responsible and compliant – both from an environmental and data security standpoint.
By working with a certified partner organisation you can be assured that your IT assets are being reused, remarketed or recycled to the highest global standards as proper disposal significantly reduces the risk of environmental damage.
By choosing a single global secure ITAD partner, an organisation’s IT team will not have to spend time dismantling or wiping old hardware, freeing up their time for more valuable work, such as equipping employees with the latest technology, sooner. Overall, the business benefits from higher productivity, a decreased risk of data breaches, a reduced carbon footprint and sustainable practices in line with its corporate responsibility objectives. It also stands to realise additional annual revenue, through responsible IT remarketing.
Rethinking ITAD and ensuring that it is top of mind is critical as product lifecycles shorten, technology evolves at a faster pace, and more companies turn to cloud services. With a growing number of IT assets as their end-of-life, making the right choices around your organisation’s ITAD strategy will limit business risk and help to protect the environment.
Paul Flatt is director of secure ITAD at Iron Mountain Australia and New Zealand.