Disposing of IT assets: "You found what on those hard drives?"

Blogs and Articles

Some organisations dispose of their IT assets by recycling what they can and discarding the rest.

7 min
Disposing_of_IT_Assets | Iron Mountain

Some organisations dispose of their IT assets by recycling what they can and discarding the rest. For others, this process involves reselling parts that still hold some market value. Although today’s industry has a strong focus on compliance, governance and security, there are still several accounts of sensitive business or personal data falling into the wrong hands due to the improper disposing of IT assets.

As CIO reports, Kessler International conducted a 2009 survey in which it purchased 100 used hard disk drives on eBay. The study found that 40 percent of the purchased drives contained sensitive corporate data and personally identifiable information (PII). Unfortunately, the improper disposal of IT assets continues to be a problem today. As The Register reports, a 2016 study conducted by Blancco Technology Group (BTG) analysed 200 used hard disk drives that were purchased through the likes of Craigslist and eBay. BTG found that only 10 percent of the drives had undergone a secure data erasure process. Furthermore, 67 percent of the drives contained a wealth of PII such as social security numbers and resumes. Unfortunately, this study shows how a breach can affect both consumer and organisational data. The information on the drives included assets such as company emails, CRM records, sales spreadsheets and product inventory data.

With all the potential data breach risks that come with the process of disposing of your IT assets, you might want to reach out to an experienced service provider to perform a proper and secure media destruction service. However, it’s important to be wary of the provider you choose. As Computerworld reports, a power company found itself in hot water back in 2006 when 84 of its used hard drives were purchased by various parties on eBay. These drives contained detailed power grid diagrams, lawsuit data and employee social security numbers. This situation was a direct result of the fact that the utility company had contracted its asset disposal to an unreliable service provider that resold the drives without performing the necessary erasure procedures.

This public utility company’s experience can be seen as a cautionary tale: You must tread carefully when trusting other companies with your data. That being said, taking on the task of proper IT asset disposition (ITAD) is no small feat, especially when you have a lot of assets.

 

Related resources

View More Resources
Cheerful woman working in an office

Iron Mountain at a glance

We’re here to protect and elevate the power of your work — whatever it is, wherever it’s located, however it’s stored. Find out how we do it.
10 June 2024
IDC White Paper: The Intersection of AI and IT SustainabilityPremium

IDC white paper: The intersection of AI and IT sustainability

Capitalising on generative AI (GenAI) technologies means upgrading IT infrastructure and devices, leaving IT teams wondering how to pay for the upgrades and what to do with existing assets. Learn why IT leaders are rethinking the role asset lifecycle management plays in implementing and reducing the environmental impact of AI technologies in this white paper from IDC.
Workplace it asset management iron mountain

Workplace IT asset management

Maximise the value of your IT investment.
View More Resources