5 Best Practices for Responsible ITAD.
The prospect of a data security breach has long been the 3am worry keeping most CISO’s awake at night. Whilst it is essential to protect company data at all costs following the introduction of EU and UK GDPR, ITAD isn’t solely about data destruction.
Environmentally friendly ITAD, is of primary importance to ensure an organisation remains compliant with environmental legislation, for the responsible disposal of redundant IT equipment. Since the recent Intergovernmental Panel on Climate Change released their stark report and as new emissions targets are set at COP26, the pressure is on for all businesses to become more sustainable, including the resource-heavy IT department.
How long should a laptop or PC last?
As technology advances and the Internet of Things continues to expand at a rapid rate, the cost of new technology is becoming cheaper and the lifecycles of our devices, are becoming shorter.
According to Gartner Research, the average lifespan of a desktop PC is 43 months and 36 months for laptops. The research was intended to serve as a guide for device-replacement strategies and schedules. Highlighting the short lifespans of our latest tech, leaves IT departments seeking to replace and dispose of PC’s and laptops within just 3-3.5 years.
Lead in part by the enforced move to permanent remote or hybrid working practices, IT spending continues to rise faster than anticipated. According to Statista, in 2021, global spending on devices of all kinds is projected to rise by a further 8% from 2020, reaching $705 billion.
So with hundreds of gigabytes of business files and sensitive corporate data stored inside one comparatively small box, an effective sanitisation process using advanced data erasure techniques, is the only way to completely remove all data from your device – ensuring legal data protection compliance.
With more and more devices storing personal data and an increasing demand for big data ITAD, what is best practice when it comes to IT asset disposal?
Conduct a physical audit.
A physical audit of all assets doesn’t just provide an up to date, comprehensive list of your organisations devices; it will help you evaluate the age, condition and productivity of each asset. Within larger organisations, this isn’t as easy as it sounds – especially if you have adopted remote or hybrid working practices. IT asset disposition services often offer an IT audit service, this will help you identify redundant IT assets that could be upgraded and redistributed, prepared for resale or recycled.
Accurately cataloguing the end of life IT assets makes sure that nothing is accidentally missed. This ensures that all equipment that you plan to dispose of is processed in accordance with GDPR data destruction legislation, undergoing complete secure data erasure, preventing future data security issues.
Create an IT Asset Disposal Policy.
As lifecycles get shorter, it is even more important to implement an IT Asset Disposal Policy, creating a robust departmental framework, specific to your industry and its specific set of data regulations.
It is never too early to consider the principles of data governance. Regardless of their lifecycle stage, all assets should be covered by your ITAD strategy. By documenting the process, you demonstrate your compliance with GDPR data destruction requirements and environmental waste legislation, along with your organisations commitment to sustainable working practices.
Your plan should include when you will remove employee credentials and permissions from systems, how you prepare equipment identified for resale or recycling and whether you will employ data destruction services. With the acceleration towards digital infrastructures and cloud-based services, you should cover any on-site data erasure and data centre decommissioning. On the other end of the scale, it is important to consider mobile device recycling. End-point devices such as smartphones, tablets and the growing number of Bring Your Own Devices could unknowingly be responsible for a data breach.
Your IT Asset Disposal Policy can also be cost-effective. According to Gartner Research, such a strategy will typically achieve a 30% cost savings in the first year, and at least 5% cost savings in each of the following five years.
Dispose responsibly.
E-waste has become an epidemic of today’s throwaway culture – with the UN reporting that globally, only 17% of our electrical and electronic devices were recycled in 2019.
Alongside their moral obligations, businesses within the UK and EU must be compliant with the Waste Electrical and Electronic Equipment regulations (WEEE). This legislation ensures that all electrical and electronic equipment is recycled or disposed of in an environmentally friendly way when it reaches end of life.
Many IT asset disposal companies have committed to zero-landfill policies and are accredited by the internationally recognised ISO 14000 standard in Environmental Management; preventing toxins, precious metals and perfectly serviceable components ending up in landfill. If you outsource ITAD to a highly accredited ITAD partner, you can enjoy peace of mind that you also meet this standard.
Join the Circular Economy.
Whilst many companies simply accept the fact that devices will need to be replaced every three years, departments can easily sell redundant IT assets on through their ITAD supplier. By repurposing technology with plenty of life in it, organisations can maximise the lifecycle of the device itself and also their return on investment.
Upgrades are an effective way for CISO’s to maximise an assets lifecycle and the ROI of each device whilst maintaining high employee productivity. The Right to Repair legislation announced in April 2021, underlined the importance of reusing the resources we have already manufactured, rather than continuing with the ‘take, make, discard’ culture – exchanging this for ‘reduce, reuse, recycle’.
When legacy assets cannot be upgraded, many of their components can be retrieved so they can re-enter the remanufacturing process, helping your organisation contribute to the circular economy. This EU action plan seeks to expand the short lifecycles or our assets, increasing their lifetime value and reducing e-waste.
Whilst this is a great addition to your CSR or sustainability policy, it also provides an unexpected revenue stream for the business. By recycling redundant IT assets through an ITAD company, you will receive a residual payment, at the best market price for the recycled components. For larger corporations undergoing large infrastructure upgrade deployments, this can involve a significant volume of equipment, helping to offset and minimise costs.
Document your ITAD Chain of custody.
As with your IT asset disposal policy, documentation is crucial. Should the worst happen and you are the unfortunate subject of a data breach, the Information Commissioners Office will seek evidence that you have followed GDPR data disposal guidance and hold the appropriate ITAD Chain of Custody for each asset.
By using a professional ITAD service, you will receive an IT asset disposal accreditation certificate for each and every piece of redundant IT equipment, including evidence of data erasure prior to being upgraded, resold or recycled.
Whilst the importance of data destruction remains paramount, the environmental footprint of our businesses is increasing under scrutiny by governments, stakeholders, partners and customers. Environmentally friendly ITAD is an important element of IT asset disposal data security best practice, ensuring your compliance with environmental legislation, as well as data protection laws.
Learn more about our IT audit service along with our other support services, designed to make your life easier. tier1 can assist with upgrades for redeployment, resale and recycling of end of life IT assets.
To find out more, call us on 0161 777 1000 or visit tier1.com
Resources.
Gartner, Statista, Wise Tek, Data Foundry, HTL London, Horizon Technology, Iron Mountain, J.Gold Associates, Tech Reset, Cobalt,