We know we must protect company data and our customer’s PII; making sure that we have met the EU and UK GDPR data destruction requirements at all costs.
When it comes to the secure disposal of our assets following redundant IT equipment upgrades, the data governance challenges faced by our organisations extend beyond the standard lifecycle. But how do you safely dispose of data?
Environmentally friendly ITAD provides guaranteed file deletion using advanced computer software. The entire device or its components can then be resold to the secondary market or enter the remanufacturing sector, preventing unnecessarily wasteful data shredding. With strong residual values being offered by IT asset disposal services for perfectly serviceable redundant IT assets, asset recovery is also highly cost-efficient for businesses. Yet, despite the circular model receiving stringent guarantees from leading ITAD and data security industry experts, the practice of data shredding remains routine and widespread.
Microsoft and Amazon Web Services, in particular, have been widely criticised for choosing data shredding practices over more sustainable data destruction services. Our global data storage providers, law enforcement agencies, governmental departments or banking institutions are aware that professional, secure data erasure provides a more sustainable alternative to the physical destruction of our devices. However, due to the perceived risk of a potential breach along with the devastating reputational, legal and financial implications, the status quo is maintained. Literally millions of perfectly serviceable hard drives continue to be shredded annually *
When it comes to ITAD services, terms such as data destruction, data cleansing and data erasure can be a little confusing as they’ve often been used interchangeably. Broadly, secure data erasure services will remove all files from a device and leave them irretrievable. However, techniques and data destruction practices provided by IT asset disposition services are not the same.
What is data shredding?
In much the same way as you’d cut through the RFID chip on a credit card before disposal, you wouldn’t be alone in thinking that the only way you can be sure that you have completely prevented unauthorised access to your records, is to destroy the data storage device.
Shredding uses a powerful industrial machine with exceptionally strong rotating metal teeth, slicing data-bearing assets into 30-6mm-wide fragments that would be impossible to reassemble.
Hard drives contain many of the earth’s finite minerals and precious metals, including neodymium and dysprosium which are used within the magnets along with nickel, palladium and gold in circuit boards. Such metals can be indefinitely recycled for continuous reuse.
Environmentally, physical destruction is not the best way to dispose of our electronic and electrical waste. Whilst the splinters of metal and circuit board are sent to professional recycling facilities for further processing, this will only recover approximately 70% of the reusable materials. * This may sound a reasonable proportion, but consider that we lose almost a third of reusable materials through this practice.
What is meant by data sanitisation?
Professional data sanitisation extends beyond simply deleting files so that it is no longer found by the operating system. Unfortunately, completing a factory reset is not sufficient – this is one of the biggest challenges in data governance and ITAD mistakes. As it removes the pointers to the files, rather than all traces of the documents themselves, it is responsible for significant data security issues and breaches.
Professional data erasure is a software-based process of deliberately, permanently and irreversibly removing or destroying stored records, making them unrecoverable, without the physical destruction of the drive itself. ^ Industry-leading Blancco software overwrites the available drive space with totally meaningless, random binary data. There is no way for the original documents to be recovered, even when using sophisticated forensic tools.
Is data sanitisation safe?
After processing, the system runs thorough checks on the drive to ensure that not a single byte of residual data remains. To evidence each device’s ‘pass’ status, a certified tamper-proof report and IT asset disposal accreditation certificate is produced – each with a unique identification number. The data is destroyed but the device isn’t; leaving the storage spotlessly clean, as if nothing was ever written to it.
To comply with legislation, you must be able to show that the data was erased in its entirety. Whether drives are shredded or erased, IT disposal services will supply a report for each and every asset, detailing precisely what disposition methods were used, when, where and by whom to provide a robust . However, secure data wiping services that use this advanced sanitisation computer software have a guaranteed Blancco verification report – often required for data privacy compliance within highly regulated sectors. Once this action, has been taken there is no need to shred the device.
Far more sustainably, when the data sanitisation technique is used to erase sensitive files, businesses can then choose to redeploy the device internally, donate or sell redundant IT assets ; making this a cost-efficient, budget-boosting solution too.
Your ITAD supplier will have a comprehensive working knowledge of secondary , IT procurement trends and current trends in hardware demand, and can therefore help you maximise the outstanding value of your end-of-life IT assets.
On average, data centre server racks and drives are replaced every 3-5 years, * and our laptops and desktops upgrade cycles tend to occur every 3-4 – that’s a lot of used tech contributing to a growing mountain of global e-waste. According to the Financial Times, by 2030, we will generate an estimated 75 million tonnes (mT) of e-waste globally, every year. That’s almost double the 2014 figure, therefore we must move towards circular, sustainable methods of disposal.
In 2021, Google claimed to already be using refurbished components in 27% of its server upgrades. And responding to previous criticism, Microsoft has pledged that 80% of assets following will be repurposed by 2024. It’s reassuring to see our global tech giants lead the way, helping other organisations to move past the ingrained practice that physical destruction is the best way to ensure safe, secure data disposal.
By adopting a widespread device deletion over device destruction approach, we can all reduce, reuse and recycle our business technology and drive our sustainability strategy through cost-efficient ITAD – all whilst remaining compliant with data privacy and WEEE legislation.
*Financial Times. ^Blancco, +Gartner Products Inc.
tier1 are proud to be a Blancco Gold partner, providing your organisation with guaranteed GDPR data disposal compliance and a fully circular route to secure IT asset disposal.
From big data ITAD to mobile device recycling, our professional data disposal not only meets the government’s NCSC standards; we are the most accredited ITAD partner in the UK, specialising in ITAD for highly regulated industries. We can provide on-site data erasure, shredding when it is absolutely necessary and advanced data wiping services at our advanced MOD-approved, secure facilities in Maldon and Manchester.
Contact our team on 0161 777 1000 (Manchester), 01621 484380 (Maldon) or visit www.tier1.com
Resources.
Blancco, Financial Times, Garner Products, Data Security Inc. Centrics IT, Tech Target, Trust Cobalt.