Business owners could be in for a data protection headache as many used electronics that are returned still hold personal information on them. In many cases these devices have information such as credit card details, personal passwords and photos.

By Bridgett Vermaak, ITAD specialist at Xperien

They need to realise the importance of data security when issuing and decommissioning IT assets. There are major privacy concerns as more used laptops and smartphones are returned to employers with sensitive personal data.

Imagine the monumental task of preparing and issuing thousands of new laptops to remote workers that are distributed across the country. This is, in context, far easier than trying to recover the retired equipment securely.

Employers have a legal obligation to clean these devices professionally and ensure that all data is erased from them prior to decommissioning and disposal or redistribution. Sadly, this is not done professionally and new users inadvertently are able to access confidential information of the previous owner.

ITAD firms traditionally provided secure erasure of hard disk drives onsite at their customers’ locations. This approach offers convenience for the customer as well as maintaining security by only allowing drives to leave the secure facility after they had been sanitised.

However, at the same time, onsite secure erasure was resource intensive for ITADs to dispatch operators to customer sites.

With innovative erasure technologies, IT asset disposition (ITAD) service providers can now safely decommission and erase storage media that are physically located anywhere, without staff travel. This approach helps ITADs cost-effectively enhance enterprise data security for their customers.

Use case

If you consider any large organisation, they would deploy a new laptop to their users, which is generally quite a cumbersome project even at the best of times. Now with lockdown, it’s become an even bigger challenge, and the technology change is under pressure because of it.

With the increase in remote working, many clients are concerned about getting technology back from the end users. The managed service providers (MSPs) continue deploying new laptops to home workers and there is no way of returning their old equipment. The biggest concern is removing the data on the old equipment.

Xperien has developed a solution to remotely sanitise any IT asset. This means remotely removing the data, which is important to maintain compliance and to ensure that the company’s proprietary information is removed completely from those assets.

More importantly, there are minimal or no costs for this service because it is recovered from the residual value of the asset, which we ultimately give back to the organisation. They may still even find that they get a return on investment from the clean asset.

Compliance

This function is governed by legislation including the Protection of Personal Information Act (PoPIA) and General Data Protection Regulations (GDPR). One needs to ensure that the data is removed according to the regulations ITAD providers need to provide evidence that the data has been removed securely.

Xperien provides a certificate of authentication that the data has effectively been removed and that the organisation complied with the respective regulations