E-ChannelNews, one of the most prolific information sources for the IT channel, recently interviewed Guardian’s Brendan O’Byrne, Director of Enterprise Services and Dale Hurteau, Client Success Manager.
IT channel’s role in guiding data sanitization compliance
The 30-minute video podcast, “Don’t let your data travel!” focuses on the distinctions between DoD and NIST standards in data sanitization methods. And more importantly, how misinformation in the ITAD, VAR and MSP channel (and their customers) can lead to non-compliance and potential data breaches.
Throughout the recording, Hurteau, O’Byrne and eCHannelNews host Julian Lee discuss aspects and share stories about the role of compliance, common disconnects between data sanitization standards (DoD vs NIST) and, more pointedly, the potential and highly detrimental consequences of neglecting data security and compliance.
WATCH: Don’t let your data travel! New data destruction compliance is here! >
Letting data travel was the initial hot topic of the expert chat. Risk associated with devices moving out of a controlled area and loaded with hot data are high. It’s only logical that lost, untracked, stolen and misplaced hard drives are impossible to sanitize if they aren’t part of a tight chain of custody process. And that’s just step one in the asset disposition process for the IT channel.
RELATED: Understanding the importance of IT asset chain of custody >
The discussion focuses primarily on the role of IT channel partners, MSPs, VARs, resellers and ITADs, when it comes to understanding and guiding their clients about implementing data sanitization compliance when data security and cybersecurity are required.
A story of standards confusion (and resolution)
As Lee notes, Guardian Data Destruction’s unique position as a neutral, NAID AAA Certified third-party service provider for IT industry partners has pinpointed the data sanitization disconnect between IT departments and their channel partners.
In that light, O’Byrne shares a recent (and common) request from an IT channel partner: a NIST 7-pass wipe. The requested erasure standard for a Fortune 50 client was an inaccurate mashup of the recommended NIST and the outdated Department of Defense standards. O’Byrne immediately reached out to the ITAD to point out the disconnect and recommend the right compliance data wiping. Armed with accurate information, the IT channel reached out to their client for a finalized data sanitization specification and, of course, a project in compliance.
Get help with NIST and DoD compliance questions
When it comes to risk, this type of mixup of the standards is widespread but easy to remedy. To assist, Hurteau, O’Byrne and other Guardian experts created the concise, free and downloadable “Using the NIST 800-88 Rev1 Standard for Data Destruction–A Reference Guide”. It’s designed to guide anyone in the position of authorizing data disposition to do it right.
Guardian’s IT channel partnerships
Secure, absolute and compliant onsite data destruction is Guardian’s primary service offering. It’s often the bundled into large, complex projects that include logistics, media destruction, onsite wiping, onsite audits and decommissioning of data centers. Per Hurteau, “Our success is built on advising and providing services to our Channel Partners and serving as an extension of their teams. We work with them to add value and ensure compliance for their clients.”
RELATED: Guardian’s Channel Partner program >
IT channels must focus on data destruction compliance
The significance of cybersecurity missteps in the IT supply chain and the increasing importance of compliance issues in data destruction are clear. Throughout the recording, three podcast participants highlight the interconnected nature of data, compliance, vendor responsibility and the need for heightened awareness and education at channel and client levels.
Video milestones
0:38 Who is Guardian Data Destruction? And what are our services?
2:30 The benefits of channel partnership for data destruction
2:60 What happens after the retirement of IT assets? Or after a refresh?
4:07 Data security for resale, remarketing and recycling of IT products (for resellers and ITADs)
5:35 Don’t let your data travel (preventing a data breach)
6:00 Organizational understanding of their risk exposure of IT assets and how to define IT asset disposition project scope
6:45 How to determine chain of custody confidence and trust levels
7:56 Is recycling secure without ensuring data destruction? Bad actors know how to get your data off your HD even encrypted data.
9:25 Who and what is involved in data security and data wiping?
12:30 How long does it take to wipe a hard drive?
14:10 What is the importance of NIST compliance?
20:00 Shred vs erasure (is deleting erasing?)
21:30 The cost of confusion in DoD and NIST standards
25:25 How data security threatens cybersecurity
26:45 Developing and implementing a data security plan28:30 Get the channel up to speed on where data is stored in IT assets
About E-ChannelNews
E-ChannelNews is a daily online TechnoPlanet publication serving the IT channel for nearly three decades. TechnoPlanet assists technology vendors, resellers and MSPs in the development of their channel partner ecosystems (https://www.technoplanet.com).
Read next
- Agencies and Industry Organizations the IT channel needs to know
- 15 compelling reasons to switch from hard drive shredding to data erasure
- How to find trusted vendor-partners that align with your asset management policies
Sign up for email updates to receive the latest in data security options from Guardian Data Destruction
