IT Asset Disposition for Copiers and Printers (and their hard drives)

Posted in Blog

Glenn Laga

Here’s a data destruction hot tip pulled right from our recent 30 common places where data is stored blog: most all-in-one printers and networked copiers have internal hard drives. Yep, these everyday business workhorses are an overlooked data security gap. And, they’re completely ignored in IT asset disposition planning.

Sensitive documents are everywhere.

Unless you’re actively monitoring what your printers and copiers are spitting out with Data Loss Prevention software that flags what document is printed where, your trusty  office equipment is quite likely saving last-printed private and confidential documents like these inside:

• Human Resources Personnel Files
• Client Records
• Patient Medical Records and Data (HIPAA)
• Financial Statements
• Legal Documents
• Security and Internal Processes
• Product Development Plans
• Contracts

What is the data access risk for printing, scanning and copying?

When these smart business devices reach end of life or lease return, there’s often a stockpile of scanned, printed, copied or spooled confidential company documents that leaves the building with them.

Just like any IT device, the data on a copier or printer that leaves your building is more valuable than the device itself. Risk, IT and security managers,should include copiers and printers as part of corporate asset disposition and data destruction programs.

Add data destruction for all your copiers and printers to your enterprise IT asset disposition program

Start by gathering a list of manufacturers, model numbers and locations. With that in hand, ask your reseller or asset disposition contractor if the devices have a hard drive and if data destruction is included in your contract. You’ll want to ask for

• A confirmation process that determines if the equipment has a hard drive or memory
• A full data destruction process (erasure, degaussing, shredding, mutilation).
• Chain of custody documentation including a Certificate of Data Destruction (and R2 recycling if that’s where your equipment is going), the scanned serial numbers from each hard drive and an Asset Transfer Form (ATF).

And, as always, we recommend insisting on a NAID AAA Certified data destruction provider to ensure that you have the security, compliance and peace of mind you require.

Related video: Guardian’s Copier and Printer Program (right from our warehouse)

Talk to us if you have any questions about your copiers ad printers — we’re happy to advise. Copy that!