How to Plan for IT Equipment Decommissioning
All computer equipment becomes outdated at some point in its life-cycle. Planning ahead for the decommissioning, replacement and re-marketing of your obsolete IT assets is a necessary step to avoid unexpected risks.
When you are approaching this phase in your IT asset management (ITAM) process, it’s time to make a plan for IT Asset Disposition (ITAD). According to techarget.com, IT asset disposition (ITAD) means “disposing of obsolete or unwanted equipment in a safe and ecologically-responsible manner.
The term “safe” in this definition does not just mean protecting the environment, it also refers to the safety, security and protection of confidential data that may be stored on your electronic devices. Companies often look for some type of financial return in the ITAD process as well. When the right program is in place, you can benefit from value recovery, increased efficiencies, security and sustainability benefits. To ensure this happens, here are the steps of a correct ITAD plan:
Deinstallation: Each device must be completely uninstalled, accounted for and secured to ensure no data may be leaked or equipment may be misplaced or stolen. Often times, ITAD providers will supply you with hard drive security bins to store any loose media storage devices to guarantee their security.
Data Destruction: Devices ranging from cell phones, to tablets, to PCs, even printers all must be completely wiped of data or destroyed to ensure nothing is retrievable. Hard drive shredding can often be done onsite right at your facility or equipment can be securely transported offsite to undergo wiping or shredding at the vendor’s facility. It’s important to make sure the vendor follows the National Institute of Standards and Technology (NIST) Special Publication Series 800-88 for all hard drives and solid state drives, which is the industry recognized standard for complete data sanitization and destruction, higher than the U.S. Department of Defense Sanitizing (DoD 5220.22-M) standards that many non-certified companies reference. It’s also important to use certified providers, whether to the R2 certification, e-stewards certification, or both, to ensure they are implementing secure processes and procedures verified by third-party audits that guarantee all equipment is being handled securely, not just taking their word for it. This step is crucial when accounting for proprietary data protection or privacy legislation compliance in heavily regulated industries such as financial services and healthcare.
Logistics: Transporting devices from your facility is an important step to the ITAD process. Your vendor should have proper insurance coverage and trained staff to ensure safe and secure handling to not only make sure equipment is protected, but also preserve any remarketing value you may be able to get back. Tracking and shipping paperwork is a critical point in the chain-of-custody trail to track all equipment as it leaves your facility and continues through the process, meaning to the vendor’s facility as well as to any downstream partners they may use.
Refurbishing and Remarketing: Reputable ITAD providers will be able to assess the resale potential of an IT asset based on the age, functionality, appearance and overall condition. Assets that are able to be reused should be wiped of all data, refurbished and remarketed to obtain the best possible remarketing value for you as the client. Reporting that includes what devices were resold and why other items may not have been resold is important to help you gain visibility on the service being provided.
Electronics Recycling: Any equipment that cannot be reused or resold must be handled properly. This is a critical step of the ITAD process where many companies fall down. As a global problem, many vendors contribute to the e-Waste crisis by illegally dumping or shipping broken and unwanted electronics that they can’t resell for cash. If caught, the original generator is held responsible: This means You. It’s important to use an electronics recycler who is certified to either SERI’s R2 or BAN’s e-Stewards certifications to make sure they are truly doing it the right way and protecting you, your reputation, and your equipment from ending up in the wrong place.
Certificates and Reporting: As devices follow these steps, it’s important that they are tracked throughout the process and the vendor is able to generate reports for you to verify everything has been done right. Certificates of Destruction and other types of reporting like Bills of Lading and serial number asset reports can provide you with evidence of proper destruction and recycling in the case of an audit or serve as peace of mind that you are protecting yourself, your company and your customers. This type of reporting also supports and verifies corporate sustainability goals. Again, using R2 certified and e-Stewards certified companies will help you verify the reporting and certificates are legitimate.
By extending your IT asset management with a controlled, decommissioning process, you will be able to minimize costs, maximize remarketing returns, streamline logistics, and gain the visibility you need to provide clear communication for your team, executives or auditors while avoiding dangerous risks of careless IT asset disposal. If you are looking for an ITAD partner to help you in the South Dakota, Nebraska, Iowa or North Dakota region, contact SEAM in Sioux Falls for a free project quote.