How to properly dispose of electronic waste
Organizations need a program to properly dispose of their electronic waste not just to stay secure and compliant, but to help the environment.
Picture a distant storeroom—really just an unused office—stacked to the ceiling with turn-of-the-century PCs, monitors, servers, and printers. They're dead...but they aren't gone. And they may still be full of confidential data that must never leave your control. It's a tricky (and dusty) problem.
Computers, flash storage, displays, copiers, mobile devices, media and other types of e-waste are the fastest-growing segments of dangerous landfill components, according to the Environmental Protection Agency.
E-waste is a threat to the environment. The heavy metals contained in e-waste seep into the water table or end up as air pollution if they are burned. If all those heavy metals from e-waste are responsibly recycled, they can significantly reduce the demand for mining those metals and reduce the associated ecological cost.
Implementing a Program
If compliance and environmental reasons are not enough to get an organisation to employ a responsible program for handling e-waste, it should consider a few things. For instance, it is common for offshore e-waste processors to let organised criminals comb through discarded drives in search of personal information to use in scams.
Organisations need a secure, auditable and green IT asset disposal program in order to adhere to the highest standard of environmental responsibility and worker safety.
Organisations should choose a partner with extensive experience in security and compliance to complement the ecological drivers of a proper disposal and recycling program. Together, this translates into an end-to-end set of best practices for the secure disposal of e-waste.
These best practices have a foundation just like that of any other compliance-based program. It should start with a documented procedure and naming responsible personnel for the program; include documentation of recycling and destruction; and include the need for auditable control points and vetted vendors.
Moreover, like any good compliance program, automation makes it easier. If an organisation uses a device management program to automate its IT assets, proof of destruction can be linked to the program so it can provide the basis for audit control.
The Cost of Electronic Waste Disposal Programs
When discussing secure disposal programs, there is no getting around the question of cost. Like any compliance program, secure disposal programs cost money. A proper recycling program may result in used devices being recycled in an organisation, thereby offsetting capital costs for new IT equipment.
Organisations should also bear in mind that data breaches from lost or stolen devices would far more outweigh the cost of proper e-waste recycling. This alone is the basis of a positive return on investment, not to mention peace of mind for a chief compliance officer.
Simply recycling or disposing of e-waste is an ideal goal. Unfortunately, mass-market consumer recycling efforts often overlook the security and compliance issues that are vital for businesses. When looking for an IT asset disposal service, businesses need to ensure that the data on their devices is incontrovertibly destroyed along with the device and that they have a certificate of destruction to prove it.