Companies must refrain from irresponsible IT equipment disposal methods like staff sales, donations and auctions. Although they spend millions protecting their networks, they often overlook one crucial element of data security when disposing of redundant IT equipment.
Unknowingly, companies often donate old IT equipment to charity organisations or schools that are in desperate need. However, before doing so, they fail to ensure that the hard drives are erased properly.
Xperien CEO Wale Arewa warns that donations could be another bomb waiting to explode. “What they view as a trivial act, is in fact a serious data security threat that could create massive liability for the company.”
“The vast range and volume of new devices being deployed in the marketplace makes it nearly impossible for companies to safely manage and dispose of excess electronics. Most companies are oblivious to the risks associated with asset disposition and theft, failure to mitigate the risks could have dire consequences,” he explains.
Technology devices hold all kinds of proprietary company data as well as confidential customer and employee information. Data breaches are hard enough to control within any organisation, but when they toss old computers in the trash without erasing the hard drive of old laptops, they could be releasing confidential data into the wild.
“Securing sensitive data is a daunting task for any business. One of the challenges with IT asset disposal projects is the chain-of-custody of equipment. Often during audits, equipment is unaccounted for and untracked and they don’t realise that penalties for data breaches are tough,” he explains.
Data security laws mandate that organisations implement adequate safeguards to ensure privacy protection of individuals. By preventing employees and benefactors receiving from retired computers without data sanitisation and by acknowledging the risks and inherent conflicts-of-interest surrounding retired assets, will result in more effective IT Asset Disposal (ITAD) policies and adequate safeguards.
Applying established incident-response procedures to the process of ITAD can help raise awareness of unappreciated vulnerabilities. Additionally, educating senior management about the risks will hopefully secure the resources needed to prevent an ITAD-related breach.
Due to the crucial nature of data sanitisation, Xperien has developed its own bespoke software destroyData. The software is based on secure erase and performs advance digital data elimination (digital sanitation). This destruction process allows the hard disk drive to be reused and data sanitisation the most environmentally compliant procedure.
destroyData will eliminate the risk of data loss in hard drives being disposed. It is a simple, secure and efficient solution to assist you in safeguarding your company’s integrity and reputation. As part of its awareness campaign, Xperien will be giving away free destroyData software.
“Our customers have chosen destroyData software due to its ability to provide an erasure report, support multiple device platforms, erase 40 devices simultaneously and it is compliant with the requirements of the Protection of Personal Information (PoPI) Act 2013,” he concludes.