With all the recent turmoil surrounding the global pandemic, companies have lost track of all the devices that are accessing their networks and more importantly, which staff are accessing confidential information.
Business owners urgently need to secure their data, both internally and externally, to ensure their data is not compromised or that they fall prey to a data breach.
Many employees have access to company data that they shouldn’t have. This makes businesses vulnerable to data breaches, especially with cybercrime on the rise and companies of all sizes being targeted. But whose responsibility is it to know which employees are privy to the most confidential digital assets.
Few businesses realise that even the data that resides on personal devices could result in a data breach. They also don’t understand that it's possible to recover the data from damaged hard drives, broken phones, credit card machines and even memory cards.
Abandoned hardware is by far the biggest cause of data breaches and the haphazard approach to IT Asset Disposition (ITAD) is costing companies millions of Rands. Most IT managers don’t have a clue what hardware they own or where the old redundant devices have been stored.
However, those companies that do have a strategy, spend much of their time and effort on their Information Technology Asset Management (ITAM) process but treat ITAD, the last component in the ITAM process, as an afterthought.
The massive volume and variety of connected Internet of Things (IoT) devices has brought attention to ITAD. This has also led to new and complex legislative mandates for secure and environmentally responsible disposal of equipment.
Data at end-of-life is a massive challenge for most companies, especially with uncontrolled data growth that has resulted in new corporate policies for data storage and retention. This is largely as a result of new global legislations and regulations such as GDPR and PoPIA.
IT asset disposal must therefore be addressed early on in the ITAM lifecycle. Businesses need to define asset classes, asset use and data storage. They also need to track End of life (EOL) and End of Service (EOS) dates to prepare for upgrades, recycling and proper disposal.
The risk of data breaches and loss of sensitive company and customer data is one of the main drivers for a sound ITAD program. For this reason, companies are investing heavily in security and data loss prevention tools, especially focussing on assets that reach retirement or need to be disposed.
To reduce possible company exposure to unnecessary risk, it is extremely important to consider ITAD across the entire lifecycle of each asset. One can reduce the manual administrative burden by implementing ITAM tools that can automate trigger notifications.
The ITAD function is often outsourced to a third-party to manage this responsibility. However, it is critical that when selecting a disposal vendor, that they operate to International standards, that they have consistently passed external audits, and possesses common industry certifications like ISO9001:2015. Experienced ITAM partners like Xperien help define the appropriate triggers and actions across the IT asset lifecycle.
ISO 9001:2015 demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements. This accreditation reduces the risk for customers and gives them complete confidence that the vendor has been independently evaluated for our competence and performance capability.
Service providers like Xperien can help customers transition from a linear economy to a more circular economy by keeping valuable equipment in use for longer instead of disposing of it at an early stage.
The trend today is to move away from owning products. With numerous lease options available today, companies can now keep up with latest technologies without tying up working capital. Companies can lease high specification, refurbished laptops and PCs at a low cost. Xperien ensures that secure data destruction is done at the end of each lease to eliminate any concern of disposing of company data.
Refurbished computers are certainly a more cost effective option for disaster recovery infrastructure, especially considering that they are less likely to be used for operation infrastructure. Xperien also procures used computer equipment, tests it thoroughly and refurbishes it. It is then leased to companies looking for a low-cost option and one that enhances their environmental credentials.
At the end of the lease, one is given the option to purchase the assets at a reduced rate to further extend the lifecycle. Equipment that cannot be reused will have functional parts harvested.
*Wale Arewa is the CEO of Xperien.