Tips for Reducing Risk of a Data Breach from Unwanted IT Equipment
Posted in Blog
Oftentimes, unwanted IT equipment is in a limbo, interim stage between usage and refresh or replacement. How can you minimize the risk of a data breach and potential litigation or embarrassment as you stockpile unwanted IT equipment?
- Don’t let old IT equipment or technology accumulate to a quantity or space that cannot be securely monitored and managed.
- Keep equipment destined for disposition in a secure area. We hear too many tales of servers missing from unmonitored loading docks, laptops going home with employees, and boxes of tapes and drives just getting lost in storage.
- Document every piece of hardware by tracking or scanning serial numbers and locations.
- Familiarize yourself with the law, your industry regulations, mandates and security guidelines.
- Educate equipment purchasers about the financial implications of security, privacy and environmental regulations when disposing of old IT equipment. You can easily build disposition costs into the initial leasing or equipment purchase plans.
- Understand “chain of custody” and how it affects your equipment getting safely from point A to point B. How does your equipment transition from employee hands or facility use to safely scrubbed or destroyed?
- Determine if your company has a “zero tolerance policy” for data breaches. Develop an asset management and disposition program that includes appropriate employee training, vendor selection and monitoring, IT security systems, standards, and accreditation.
- Review your contracts to understand your responsibility and contractual obligations. Do you return leased hardware with or without hard drives? Whose responsibility is it to ensure that equipment is properly wiped or destroyed?
- Assign responsibility to a single person or authority to maintain continuous oversight and records of your ongoing asset disposal program.
It is essential for all levels of your organization to understand that your business is accountable for the data stored on any of your unneeded IT equipment — even if it’s no longer in use or on your site. Your IT equipment VAR should be able to help you in the selection of an IT asset disposition vendor who can work with you to ensure that your data remains secure. Or, contact Guardian Data Destruction for additional information. We’re happy to help!
We also recommned
IT Asset Manager’s Guide to a Hybrid Data Destruction Policy
IT Asset Managers (ITAMs) are Rock Stars. That’s how we see it. Along with everything else on their plate, they’re managing and documenting the data …
IT Asset Manager’s Guide to a Hybrid Data Destruction Policy Keep Reading >
Reduce Risk in Enterprise Data Destruction: Reset Data Center Factory Defaults
Data destruction for the enterprise goes far beyond shredding, wiping and degaussing of data storage. Once data destruction processes move from desktops and laptops, hard …
Reduce Risk in Enterprise Data Destruction: Reset Data Center Factory Defaults Keep Reading >
5 “E” Rules to Go Bananas and Grow Your Business in Data Destruction
It’s a wrap for the 2023 i-SIGMA Conference and annual meeting. The Guardian #isigmaconf23 team was all ears for marketplace trends, industry takeaways and customer …
5 “E” Rules to Go Bananas and Grow Your Business in Data Destruction Keep Reading >
Stay in the know
Get relevant information right in your inbox
We do not sell or share your information with anyone