Security Issues to Consider With IT Asset Disposal

IT asset disposal is the process of disposing of used information technology equipment such as PCs, printers, and servers in an effort to upgrade to a new IT system. There are certain precautions that are necessary with IT asset disposal since the process can make an organization vulnerable to security risks pertaining to data. Some of the security risks include the proper handling of sensitive data and legal compliance with the method of disposal of the IT equipment.

When considering IT asset disposal, a company must effectively balance factors such as risk tolerance that is involved with disposing of secure data, the individual business needs of the company, and all of the regulatory requirements associated with IT asset disposal.

IT Asset Disposal Security Issues

  • Hard Drive Data: Organizations must decide whether to handle the process of securing hard drive data onsite before deployment or to outsource the task to a vendor that has expertise with asset disposal. If the company decides to perform the task on the premises, the process must be thoroughly understood to prevent file sharing and information security breaches. Outsourcing the task to a third-party vendor with expertise in asset disposal is a viable option; however the vendor should have a dedicated project manager who has a proven track record of successful disposal of IT equipment and secure data.
  • Data Security Options: There are several different methods of disposing of sensitive data that include hard drive sanitization, destroying the hard drives altogether, or using an IT asset disposal vendor. Hard drive sanitization is very expensive to perform if the organization owns a large number of computers and other IT equipment. If the organization deploys a method for destroying the hard drives and network hardware, it loses out on the re-market value of the used IT equipment. The organization can also decide to use a third-party vendor that specializes in proper IT asset disposal and is capable of performing the task with reliability and integrity. Regardless, all three of these methods have some costs and risks associated with disposal; however it is necessary to utilize one or more of these methods to secure sensitive data.
  • Legal Compliance: In addition to other concerns related to IT asset disposal there is the issue of legal compliance. Properly disposing of IT assets not only protects the environment but also protects the company.

If the company opts to use a third party vendor who specializes in IT asset disposal, this does not relieve the company of liability for the fate of those assets once they leave the company premises. While ownership of electronics can be easily transferred, the original owner can still be liable if the IT assets are disposed of improperly.

Identity theft comes in many forms.

A person’s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person’s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.