Are Your IT Assets Being Disposed of Securely?

Oct 10, 2017 9:55:22 AM

Everybody talks about the proliferation of desktop and mobile devices and various Internet-connected objects, including medical monitors and industrial and manufacturing equipment. Everybody talks about the enormous volume of data that is constantly being generated and stored on these devices, and the fact that data centers have increased in density to accommodate the nonstop avalanche of data. But you don’t hear nearly as many people talking about an obvious byproduct of all these devices and their data – e-waste.

Electronic equipment has a limited lifespan. At some point, devices have to be decommissioned and removed from the IT environment. Ideally, the end-of-life equipment is handled thoughtfully, by removing hazardous materials and recycling the remainder. However, only about 12.5 percent of the 20 to 50 metric tons of e-waste produced in the U.S. each year is recycled, according to the EPA.

That’s only part of the problem.

The environmental impact of e-waste is cause for concern.

However,  improper disposal of e-waste also creates security, compliance and legal risks. Sensitive information often remains on devices, even after they’ve supposedly been wiped of all data.

In the past, organizations erased, recycled or shredded their hard drives. Today, virtually any device, corporate asset or object that can be connected to the network stores data. Printers and copiers store data. Even devices with limited memory are capable of storing data. Few organizations have the in-house resources or expertise to securely dispose of old technology.

This has created booming demand for electronics recycling services, and many are less than reputable. Laptops, smartphones, tablets, servers, storage appliances, copiers and other devices are commonly shipped overseas to developing countries by these companies for “disposal.” Some of these companies will haul away your technology at no cost because they’d rather sell it than recycle it. In fact, Basel Action Network, an industry watchdog group, used GPS trackers to determine that 40 percent of electronics recyclers fall into the category of “scam recycling.”

At this point, it’s open season on your technology, which can be taken apart by low-wage workers so trade secrets, proprietary information and other data can be stolen. Precious metals are removed, and parts are used to create counterfeit goods. Even donating old technology to schools and nonprofits can cause your data to be accidentally exposed if it hasn’t been properly removed.

A reputable technology disposal and recycling company brings accountability and certainty to e-waste removal.

They should have R2 and e-Stewards certifications from the EPA and comply with National Institute of Standards and Technology requirements. Most will provide you with a comprehensive report that includes a detailed inventory of every IT asset that has been recycled or destroyed. If you’re ever audited, this report will provide evidence of proper disposal.

However, choosing the right disposal company is only part of the process. Organizations need effective procedures for decommissioning and disposing of end-of-life assets, and ensuring that all sensitive data is removed.

Pivot provides asset management services that encompass the full lifecycle of your technology, from procurement, configuration and delivery to ultimate disposal. Don’t let e-waste put your sensitive data at risk. Let Pivot dispose of your IT assets in a way that meets your security and compliance requirements.

By John Flores, Vice President of Marketing

Learn more about our IT Security Fortification offerings and what our Pivot’s Security Portfolio provides on our IT security page here!

Topics: Blog

September 27, 2017

A data breach is a costly event. As I noted in my last post, shipping firm Maersk fell victim to a NetPetya malware...

Read the Full Story