Gartner’s Take on ITAD and Security

Home/ITAD/Gartner’s Take on ITAD and Security

Gartner’s Take on ITAD and Security

Whether you are leading an M&A or updating a line of servers, ITAD is a simple and effective solution for consolidating your equipment and returning some of those funds back into your OPEX budget. The ITAD process, however, is only beneficial and efficient when managed properly. ITAD and security done well go hand in hand.

Lack of expertise, general carelessness, and unexpected delays can result in a higher cost than just unrecovered value. Ultimately, IT asset disposition is only as effective as the safeguards you put in place and the vendors you choose.

Gartner’s Response to Corporate ITAD Vulnerabilities

Gartner, a leading research and advisory firm providing information technology insight to business leaders across the globe, notes that industry fluctuations and a universal trend toward cloud architecture has caused companies to see a broad spectrum of equipment cycle through their data centers. Moreover, the dramatic rise in popularity of mobile and IoT devices has done nothing but compound these issues and has “forc[ed] a re-evaluation of traditional ITAD processes.”

In response to these re-evaluations, Gartner published its most recent ITAD key findings and recommendations for companies looking for better solutions to their disposition needs. Gartner experts share what they consider to be the three greatest risks within the ITAD process, listing data sanitization, transportation logistics, and recycling specifically.

What It Takes to Achieve Data Security with Sanitization

With the rampant hacking attempts and data infiltrations risks of our current age, companies are motivated to focus on the “clear and present danger” of their currently-in-use infrastructure and assets.  Where these companies often fall short is when they allow EOL equipment and unused devices to be queued for retirement without applying those same stringent data security protocols to decommissioned assets.

Whether your company is consolidating equipment between internal enterprise data centers or refurbishing hardware for external resale and disposal, Gartner recommends that data sanitization processes should take precedence over any promise of financial recovery. Even if your data has been successfully migrated to a secure environment in the cloud, the latent data on your legacy hardware poses a significant security risk if it is left exposed for exploitation. Depending on your company’s specific data compliance regulations—HIPAA, PCI-DSS, SEC, ISO, etc.—Gartner recommends an aggressive round of data wiping or destruction before you fully decommission any equipment. Because of the highly specialized software and physical tools required for thorough data erasure and destruction, Gartner recommends contracting with an experienced ITAD vendor. Not only will the vendor ensure comprehensive data security, it will also “provide certification that the data was sanitized to common industry standards.”

Crossing Lines and Staying Secure with Transportation Logistics

Crossing international borders with hardware that houses sensitive data is, admittedly, a less than ideal situation. But there are times and events that necessitate such measures. If you choose to contract with an external ITAD vendor for these international shipments, then you must give specific, detailed instructions for your company’s compliance requirements. In turn, your vendor should give you a clear understanding of their transportation protocols and logistics.

Gartner recommends asking the following questions:

  • Will the vendor provide chain-of-custody documentation?
  • Will the trucks and/or shipping containers be sealed and tracked?
  • Will the shipment go directly from your location to its destination? (e.g. will there be any stops for additional clients’ equipment or overnight layovers?)
  • Will the vendor use its own vetted employees and trucks, or does it use third-party carriers?

Moreover, you should research the vendor’s experience with international shipments. Is the company able to properly classify your hardware as well as acquire the necessary certifications and licenses to meet all customs regulations? If your vendor is not fully authorized to move your equipment across international borders, then getting slapped with hefty tax fines is only the beginning. You may also find yourself with little, if any, control over the continued security of your assets while they are indefinitely detained.

Recycling and All that You Leave Behind

Gartner includes a final warning that the act of recycling poses another ITAD security issue entirely—and it doesn’t necessarily have to do with your company’s data.

It is just as crucial to ensure secure data sanitization of hardware that is queued for disposal as it is for equipment sent to secondary markets for resale. However, Gartner takes this opportunity to stress—beyond corporate data concerns—the economic and environmental importance of proper recycling according to specific quality certifications. With increasing mobile device use and the sudden explosion of IoT devices, proper recycling methods become increasingly crucial. Gartner recommends that companies “attack now the rapidly growing management and disposition challenge of ‘IoTAD’” before the logistics overwhelm them entirely.

In addition to environmental concerns, however, Gartner points out that proper recycling and disposal practices “minimize risks to brand equity.” Corporate social responsibility is becoming a requirement, and more end-users are demanding transparency and accountability. Companies should consider the ramifications of ignoring zero-landfill solutions, as Gartner makes it very clear that what you leave behind directly affects both the present success and the future efficacy of your company.

ITAD and Security in Proper Practice

Saving money is obviously one of the priorities of IT asset disposition, but it should never be done to the detriment of your company’s overall security and success. Gartner continues to stress the importance of vetting your ITAD vendor; the effectiveness of your disposition initiatives depends on the quality of support that you hire. If the vendor is unable to offer complete assurances for these risks, then you need to keep looking.

Our clients need look no further than CentricsIT.

CentricsIT ITAD services offer comprehensive solutions to the complications and concerns listed above. We adapt to industry fluctuations and stay far ahead of impending trends and demands. CentricsIT not only saves you money, we deliver complete data sanitization services, offer foolproof international shipping logistics, and pride ourselves on our meticulously-maintained quality certifications.

 

About to update a new line of servers, but don’t know what to do with the old hardware? Contact one of our CentricsIT ITAD specialists to begin the process of secure disposition.

2018-11-09T16:24:24-05:00