Respecting and honoring privacy. It sounds easy, right? How exactly that should be done is becoming increasingly complex given new technology, legacy technology, distributed workforce, data storage architecture, edge computing, backup systems, COVID and the plethora of subcontractors supplying and serving your office and IT equipment.
If you haven’t taken a good look at your processes, policies and the data you are storing, this is the time to do it: National Data Privacy Week which ends on National Data Privacy Day. While you won’t see a parade or balloons, kicking off the new year in lockstep with your IT staff and vendors to review exactly how you are handling data privacy is highly recommended. Now, that’s a way to celebrate!
Data privacy experts have advice for you
We thank these experienced thought leaders for their helpful contributions to our five-day series focusing on enterprise data privacy:
|Mon Jan 24||What is Data Privacy Day and why should you care?||Melissa Graham – Senior Vice President, Global Sales SHI International Corp.|
|Today||Data Privacy Day expands to Data Privacy Week. Here’s what the experts want you to know.||Eric Ingebretsen – Chief Commercial Officer TES-Sustainable Technology Solutions|
|Wed Jan 26||Data Privacy Week: Finding trusted vendors that align with your company asset management policies||Joe Marion – President The Association of Service, Communications, Data and ITAD providers (ASCDI) & Christian Foster – SVP CircleIT|
|Thurs Jan 27||Data Privacy: What Keeps Me Up At Night||Eric Dorn – Senior Vice President & General Manager Sipi Asset Recovery|
|Fri Jan 28||Celebrate Data Privacy Day with a Data Privacy Week Wrap-up||John Shegerian – Chairman/CEO ERI Direct|
Data privacy exposure issues you should be on top of
TES USA provides comprehensive lifecycle services for IT assets with an emphasis on sustainability. Eric Ingebretsen manages the global TES sales force and understands the vulnerability that data exposure creates:
“Concern about processes and the sanctity of the data is our #1 priority. While our processes are reviewed often, Data Privacy Day is an opportunity for any company, large or small, to reflect on how existing processes include protecting data on new and emerging technologies; tactics have to change to protect data privacy and diminish risk. For data destruction, we are seeing a rising demand for smaller shred sizes as companies focus on info security. Their low threshold for risk means a granulation of hard drive shredding on a global scale.
Data Privacy Day is well-timed to evaluate trends that will affect the year ahead. As an example, we’re still seeing significant workplace changes due to COVID. Therefore, IT logistics and privacy processes for the scale and permanence of work-from-home employees have to be developed and adhered to. In the absence of onsite security measures like secure access, cameras, onsite security and IT personnel, we’re focusing on secure logistics processes and methodology to cover data destruction, chain of custody, receiving of goods and documentation to ensure both data privacy and hardware tracking.
And, finally, for Data Privacy Day, we recommend evaluating your partners and downstream third-party provider vetting process. It should be robust enough to adhere to your company’s stringent policies and procedures covering compliance with government regulations, experience with industry standards, the highest level of certifications and untarnished financial and legal records.
TES is entrusted with the commissioning, deployment and retirement of technology assets. Data Privacy Day is an excellent reminder for all of us to examine and improve IT asset lifecycle policies, procedures and best practices.”
COVID has created data protection vacuums
As Eric points out, COVID has changed the workplace dramatically and perhaps permanently. And the rate of change has been so rapid and categorized as “temporary“ so data privacy and protection policies and processes may be lagging. Data Privacy Week is the perfect reminder to take a hard look at where your company data security infrastructure should be modified for new IT architectures and a significant work-from-home population.
At Guardian Data Destruction, we are working with companies that are backtracking to account for abandoned IT and office equipment. It may be hard to visualize but entire office spaces remain littered with IT equipment that has not been inventoried or accounted for since March of 2022. In these situations, locating, identifying, inventorying, confirming, cross-checking, onsite data destruction and then packing and logistics are required to securely clear the space.
And, finally, with equipment refreshes going to individual home offices instead of bulk deliveries, there are extra security precautions for transit and tracking. We’re seeing skyrocketing requests for remote erasure services to ensure that IT equipment (laptops, desktops, tablets) aren’t shipped from personal residences to processing centers with live data.
Ask for expert help
What are your vendors doing for you? Ask if they can offer the expertise that you need to caulk problematic data leaks. The TES mission is to create outstanding value for its customers, employees and stakeholders. Guardian Data Destruction is committed to providing a secure, transparent process and share our knowledge and experiences on all our services. SHI (see our previous blog What is Data Privacy Day and why should you care?) is standing by with “5,000 ridiculously helpful licensing experts, cloud engineers, architects, trainers and specialists”.
Data Privacy Week is the right week to review your vendors, downstream and upstream, to ensure that they have the commitment and follow-through that Guardian, SHI and TES offer to take care of you, your data, your equipment, your fears, your company. Their business depends on it and so does yours.
If you have any questions, reach out to us. Tomorrow, the third in our series of five for National Data Privacy Week, we’ll learn about trusted vendors and sustainability with input from the Association of Service, Communications, Data and ITAD providers (ASCDI) and CircleIT.