5 Essential Components in Data Center Decommissioning

Decommissioning old IT equipment is a complicated and involved process that almost every business has to deal with at some point. Your data center is more than a few stacks of electronic components—it’s all of the sensitive material your company has collected through the years. The equipment may no longer be valuable, but the data certainly is. Before embarking on the process of decommissioning, be sure to complete the following five steps.

1. Define the Scope of Work

Take the time to outline all the process details, including safety procedures, removal stages, and destruction. Consider these questions:

• What is the total square footage in each location?
• What is the master project timeline?
• How much equipment is tagged for removal?
• Which tasks are my staff doing, and which are the responsibility of the vendor?
• Is there special equipment that needs to be moved?

List all the exact responsibilities, methods, and locations that will help you keep the process on track when things start getting complicated.

2. Perform a Data Audit

Begin by tracking and auditing each piece of equipment and the data it holds. This step is essential as an inventory of your assets and equipment. With a list in hand, your ITAD service can make informed decisions about which method of decommissioning is most appropriate. Proper data destruction needs to be accountable and traceable.

3. Itemization

Itemize all of your data assets to include:

• Hardware
• Software/software licenses
• Servers
• Firewalls
• Routers
• Networking gear

A complete itemized asset list will allow you to track each item’s final destination—destruction or recovery.

4. Outline Requirements for Tools and Labor

Getting halfway through the project only to discover you don’t have all the proper equipment is a waste of time, labor, and money. That being so, be sure you have the necessary equipment before starting, which includes:

• Forklift
• Degaussers—electromagnetic or permanent magnet
• Hoist
• Pallets
• Basic hand tools
• Labels
• Boxes
• Packing materials—tape, stretch film, poly bags, bubble wrap, packing foam

To estimate the labor needed, consider the number of people and hours required for each step. If you’re hiring third-party vendors, allow time for security and background checks if they are not certified.

5. Data Destruction

Make a plan for deleting unwanted data. Data shredding and data wiping are two of the most secure ways to protect client data, personally identifiable information, protected health information, and other sensitive data. Failing to dispose of sensitive data properly could lead to lawsuits and the loss of your company’s reputation.

Data Shredding and Data Wiping

Shredding hard drives, USB drives, and other removable storage devices can quickly be done at your facility by a reputable vendor. An advantage of on-site destruction is the ability to have a company representative witness the process.

When opting for secure data erasure (data wiping), confirm your service provider complies with current National Institute of Standards and Technology (NIST SP 800-88) standards for data sanitation.

For shredding or wiping, your vendor should provide you with a Certificate of Destruction and Recycling. Other reporting may also be available as requested.

SEAM has been assisting South Dakota business owners with secure asset management since 2012. Contact us with questions or concerns about data destruction for data center decommissioning or routine security.