How to Reduce the Risk of Data Breach from Unwanted IT Equipment

Aug 15, 2019

Like many Sioux Falls, SD businesses, you’re probably pretty excited about upgrading to new computer equipment, but not nearly as motivated to deal with the old stuff. Unfortunately, many businesses find themselves dealing with rooms full of outdated and unused computer equipment and mobile devices while they move on to more important things. This can pose a serious risk of a data breach.

Whether light-fingered employees “appropriate” these items for personal use (or more nefarious purposes), you suffer losses through burglary, or items accidentally get dumped instead of properly decommissioned, the sensitive data housed on unwanted IT equipment could become a major liability. How can you protect your business from the risk of data breach posed by IT equipment left languishing?

Secure It
The first thing you need to do is make sure old equipment is secured against internal threats. You can’t just leave computers, tablets, and cell phones lying around where anyone could snatch them. People aren’t great at resisting temptation, so don’t tempt them with “low-hanging fruit”. Designate a secure area to hold unwanted equipment until it is disposed of and make one person (like a facilities manager) or one group (like the IT department) responsible for items within.

Inventory
The ability to keep track of equipment is essential, both while in circulation and once you’ve decommissioned it. With appropriate tracking software, including barcode scanning, you’ll have a much easier time securing devices and ensuring they don’t go missing.

Schedule Destruction
Life cycle planning for equipment and devices includes more than simply purchasing items and determining when they’re likely to need replacement. You also have to engage in end-of-life planning for electronics.

This means creating a schedule for destruction. When you upgrade to new devices, you need to properly dispose of old ones within a set time frame. Such policies and practices will help to reduce the risk of theft and data breach.

Work with a Certified ITAD Provider
Most companies are not equipped to dispose of old computer equipment and devices on their own, and if you want to comply with applicable privacy laws, not to mention environmental laws, it’s essential to partner with a certified IT asset disposition (ITAD) service provider to manage these concerns on your behalf. What will the right company offer?

To start with, you’ll want a secure chain of custody that starts at your location. Look for a vendor that offers locked carts or bins to securely collect devices in your office. From there, they should visit your office for pickup and either shred devices on-site while you watch or take them to a secure facility for destruction.

An online client portal that lets you track the status of devices by serial number provides the transparency you expect, and Certificates of Recycling and Destruction are proof for your records. You may also want to consider a partner that not only offers secure shredding, but device wiping that complies with privacy laws, in case you want to remarket devices to recoup some cost.

Reducing risk of data breach from unwanted IT equipment is a major priority for many Sioux Falls, SD businesses, and SEAM can help. Contact us today at 605-274-7326 (SEAM) or online to learn more and request a quote.