In today’s world of cyber crime and data breaches, the security of data should be a top priority for any company that handles secure customer information. Failing to dispose of your IT hardware securely can result in private data falling into the hands of cyber criminals, and under GDPR law, this can have catastrophic consequences for your business.
Avoid Being Sunk by a Data Breach
If your business suffers a data breach, you are required under GDPR law to inform your customers that you have allowed their data to fall into malicious hands. This will cause your business to suffer from negative publicity, likely causing the loss of a large portion of your customer base and deterring new customers from coming to you. This could also result in customers taking legal action against you, which will result in more financial difficulty.
On top of this, GDPR law means that your business may be subject to extensive fines. Each data breach case is assessed individually to determine where the fault lies, and fines will be issued in accordance with which terms of GDPR law have been violated. In the case of data being acquired by criminals due to the poor disposal of IT hardware, your business could be fined 4% of your annual turnover or €20 million, whichever figure is bigger. For many organisations, these fines could be fatal.
Even if your business survives the fines, recovering from a data breach is not an easy process. Firstly, you will have to hire expert consultants to test, re-evaluate and re-write your data protection procedures, which can be an extremely expensive process. Then comes the repair of your public image. You will need to make public improvements to your data protection procedures, much in the same way that FaceBook did after their data breach in 2018 with their “Data Misuse is not your friend” campaign. This campaign was spread across print media, TV, internet ads and billboards, and costed FaceBook millions and still did not fully repair their brand image.
This process will require a partial rebrand and a large outreach campaign to restore your customers’ faith in your business.
It’s safe to say that a data breach would be incredibly detrimental to your business. So how do you avoid one?
When it comes to IT hardware disposal, you have to ensure that the service you are using will render your data completely irretrievable. But how do you trust them to do that? Here’s a checklist that you can use:
- Complete Data Sanitisation – First of all, your hardware needs to be completely purged of all its data. In the modern world of data security, there is one service that stands above all. Blancco Software is used by military, government and high level corporate organisations to ensure that your data is wiped from the hardware before it is destroyed. If the service isn’t using Blancco, this could be a red flag.
- Secure Shredding – Secure shredding will be carried out on-site at your business premises in front of you. This ensures that your hardware won’t just be thrown away to fall into the hands of potential criminals. If a shredding company offers an ‘out of sight, out of mind’ service, this can raise concerns about what happens to it after it leaves your premises. On-site shredding is a good indicator of secure disposal.
- Full Tracking – If a company does not offer on-site shredding, you should check that they offer full tracking of your hardware via a barcode system, so you can monitor the progress of your hardware destruction. Also, full custody management at all stages of the disposal process will ensure that no items go missing. On top of this, full tracking ensures that you can prove to a compliance inspector that your business has fulfilled its legal duties for data protection.
If the disposal service you are using does not provide any of these assurances, it may be better to consider other options to ensure that your hardware is destroyed properly and all data is absolutely irretrievable.
The United Nations estimate that 90% of the world’s electronic waste is illegally disposed of in third world countries that suffer from high unemployment and a poor economy. In 2017, BBC Journalist Reggie Yates went to Ghana to document the lifestyle of people living on an electronic waste dump. What he found was a wasteland of old computers being torn apart for parts and hard drives to sell, potentially to cyber criminals.
When choosing the right hardware destruction service, you have to ensure that disposal is not only being handled securely, but also ethically to make sure that your hardware does not contribute to the epidemic of electronic waste in third world countries. The best hardware destruction services will ensure that any reusable components of your hardware will be recycled into refurbished products, cutting down on waste.
The Alternative: IT Remarketing
Destroying your hardware via shredding or incineration is a common practise for many companies (including AssetCare), but we also like to go one step further. Cyber criminals now have the means to recover data from hard drives that are destroyed, so our IT remarketing services will ensure that your data will be completely wiped using Blancco Software leaving no residual traces of data left on your hardware before it is destroyed. Not only is this process more secure, it also ensures that you’re doing your bit for the environment. We make sure that any hardware that doesn’t need to be shredded can be re-used instead of being dumped in landfill, potentially even coming back to your business. This would spare you from buying new equipment, and will also ensure that your business meets its GDPR and data protection requirements.
In case you needed another reason to remarket your IT, this process is often cheaper than physical destruction due to removing the need for disposing of hazardous materials within your hardware. So you’re saving money, potentially getting refurbished hardware back into your business, and ensuring you destroy your data securely and ethically. Get in touch with the AssetCare team today to learn more about how our service can benefit your business.