The problem that shows up with every reduction in force
U.S. employers announced 202,118 job cuts in Q3 2025, the highest quarter since 2020. September alone saw 54,064 cuts, and year-to-date announcements are on pace to pass one million, according to Challenger, Gray and Christmas. Tech-specific trackers show thousands more in the sector through 2025. This means every week more corporate laptops and desktops are leaving active service, often on short timelines. challengergray.com+2challengergray.com+2
Those devices still hold sensitive data. Stolen or mishandled drives remain a top source of data loss. Several recent enforcement actions underline how expensive poor disposition can be.
Why erasure is a compliance requirement, not a nice-to-have
In the U.S., multiple rules align on one point. You must prevent unauthorized access to personal data when disposing of information systems.
• NIST SP 800-88 Rev. 1 sets the technical bar for media sanitization. It defines Clear, Purge, and Destroy with verification and documentation expectations. Enterprises use it as the reference for auditable wiping.
• The FTC’s Disposal Rule under FACTA requires “reasonable measures” for disposal of consumer report information. For digital media this includes effective destruction or erasure so data cannot be read or reconstructed.
• The FTC Safeguards Rule, updated in 2024, adds breach notification within 30 days for covered financial institutions and expects rigorous security programs that extend to asset disposition. Federal Trade Commission+1
• Sector and state laws increase stakes. HIPAA violations for improper disposal of protected health information are regularly penalized. California’s privacy regime continues to tighten deletion and data-broker obligations.
• Standards that enable reuse require provable logical sanitization. R2v3 allows reuse only when data are sanitized per Appendix B without physical damage that would block reuse. Independent audits such as NAID AAA verify operational controls for destruction providers.
Why wiping beats shredding for most endpoints during layoffs
Physical destruction is essential for certain media and risk scenarios. During layoff waves, however, certified wiping delivers three tangible advantages for fleet endpoints.
- Compliance plus auditability
Certified wiping aligned to NIST 800-88 produces a tamper-evident erasure certificate per device. This closes audit gaps and speeds legal sign-off during RIF timelines. NIST
- More asset value recovered
Devices that are wiped, tested, and remarketed retain resale value; devices that are shredded do not. Market research and case studies show organizations unlock donations and resale channels only when they can prove certified erasure. The secondary PC market is active again after 2024, which further improves recovery.
- Better ESG outcomes with less e-waste
E-waste is the world’s fastest-growing waste stream. Reuse after certified erasure reduces hazardous waste and supports circular-economy targets. Global e-waste hit 62 million tonnes in 2022 and is projected to reach 82 million tonnes by 2030.
The Guardian approach to layoff-driven endpoint disposition
We focus on secure, fast, and verifiable erasure with a single point of coordination so HR, Legal, IT, and Finance stay in lockstep.
- Intake and chain of custody
Pickups are scheduled with sealing, photo proof, and serialized logging on arrival. Every asset is reconciled against your offboarding list. Custody is documented end to end.
- Policy alignment
We map your risk posture to NIST 800-88 methods. Clear is used for standard corporate endpoints. Purge or Destroy is applied where data sensitivity, device type, or drive condition requires it. All methods include verification. NIST
- Certified wiping at scale
We execute logical sanitization for laptops and desktops with central orchestration and per-asset certificates. Exceptions are isolated to a secure lane for physical destruction when needed.
- Remarketing and reuse
Post-wipe devices move to test and grading. Eligible assets are remarketed to recover value or donated under client policy. Documentation ties resale or donation to each erasure certificate. Industry findings show many donors and buyers require certified erasure before accepting devices.
- Reporting and evidence
You receive a single package: asset list, erasure certificates, non-erasure destruction logs, COI, and ESG impact summary. This level of proof reduces internal review cycles and shortens the close on workforce actions.
Mini success snapshot
A U.S. software company reduced its headcount by 12 percent. Due to high security requirements, the client mandated onsite processing; no asset could leave the facility. Guardian mobilized an onsite erasure team, established controlled work zones, and executed NIST SP 800-88 aligned wiping with verification. Ninety-two percent of drives passed logical sanitization and were cleared for redeployment or resale. Eight percent moved to onsite physical destruction based on failures or policy exceptions. Chain of custody, photo proof, and per-device certificates were delivered immediately after each work block. The client recovered six figures in resale value and completed legal sign-off within two weeks of the final onsite session. This pattern mirrors broader industry results where certified erasure enables donation and resale programs that are otherwise blocked.
Risk of doing nothing or doing it wrong
Regulators have penalized firms that failed to properly dispose of storage devices, including high-profile cases tied to outsourced decommissioning and resale of media with residual PII. In addition, the FTC’s newer enforcement posture and breach notification expectations increase the cost of incomplete disposal processes.
What to ask your provider tomorrow
• Which NIST 800-88 method will be applied per device class and why
• How verification is performed and logged
• How erasure certificates are bound to serials and asset tags
• How chain of custody is captured from pickup to final disposition
• How exceptions are routed to physical destruction
• How R2v3 Appendix B reuse controls are satisfied for any device that will be resold or donated
The takeaway
Layoffs create real people challenges and very real data risk. Treat endpoint disposition as a controlled, auditable process. Choose certified wiping to protect your customers and employees, to comply with U.S. rules, and to recover value from assets that still have a useful life. Guardian will handle the entire workflow so your teams can stay focused on the transition.
