Corporations worldwide spend billions of dollars on data security, but firewalls, data encryption, end-point protection, and network monitoring have little effect when your equipment is ready to be retired. In fact, IT asset disposition (ITAD) has been called the “soft underbelly of data security,” an area that is surprisingly overlooked given the costly consequences of a data breach.
A survey of nearly 3,000 IT asset disposal projects by Retire-IT revealed as many as four out of five had at least one asset missing. And here's the real troubling fact: Fifteen percent or one in eight of the untracked assets such as laptops, servers, and hard drives potentially contained data. As many organizations have bitterly experienced, tech-savvy thieves only need a single missing asset or an asset that has been inadequately wiped to cause severe if not irreparable damage.
And the complexity of not only keeping track of retired assets, but also erasing any traces of data is destined to increase. The proliferation of company tablets, smartphones, and laptops among employees in addition to the growing significance of cloud storage will further complicate the task of wiping your electronic history.
When those same assets need to be upgraded at an escalating pace, the stakes are raised further. By the time an audit reveals a smartphone or laptop has gone missing, the damage may have been done even if the employee did not mean to intentionally harm the employer (You may recall the IT director at a large New York bank who, in the midst of a disposal project, snatched three retired computers that she had planned to give to her daughter's elementary school.)
At the same time, the cost of an average data breach keeps skyrocketing. In 2014, it reached a whopping $3.5 million, a 13 percent increase year over year, according to the Blumberg Advisory Group's 2014 ITAD Trends Report. Organizations pay the price in falling stock prices, damaged reputation, lawsuits, and fines.
So what's the average organization to do?
ITAD lends itself to outsourcing. Although ITAD can be performed in-house, a distracted IT team may not get the job done right, especially if they are not in possession of the correct erasure software. Also, unless you're fully up to date on the myriad of environmental and government regulations that dictate the storage and disposal of electronic data, you may expose your organization to hefty fines for non-compliance. In addition, an ITAD partner should be equipped to help you recover value by identifying the best disposition channels for your assets, whether it means remarketing or recycling.
Of course, not all ITAD partners are created equal. Checking certifications is the first basic step toward finding the right match. In the end, your retired assets deserve your undivided attention.
Let us know how you close the this end of the supply chain loop in your organizations. Do you believe your electronics OEMs have a role to play as well?