Obsolescence is a fact of life in the IT world. Speak to any IT Manager in any organisation about the sheer quantity of smartphones, tablets, laptops, desktop computers, components, TVs and more that needs to be disposed of. It’s an entire job unto itself.
In Singapore, around 60,000 tons of electronic waste is produced annually, both at a consumer and corporate level. When discussing the world, this figure is many orders of magnitude higher. This represents an enormous environmental challenge, not least because developing countries are increasingly pushing back against “waste dumping” from developed countries.
On top of that, the regulatory environment around how to dispose of this equipment sustainably, as well as securely destroy the data on it, is becoming ever more fraught with risk. We’ve discussed the dangers of not securely destroying data before, but in a nutshell: fines for negligence and non-compliance can now total up to five percent of top-line revenue.
So having a plan around how to deal with your organization’s electronic waste seems like a “no brainer”.
1. What exactly is “IT equipment”?
“IT equipment” or “electronic waste” can refer to a broad range of different types of equipment, all of which can store data in some form and all of which, therefore, require appropriate “disposal” at the end of their lifespan.
This includes, but is not limited to:
- PCs, Laptops, Tablets and Smartphones. All of which contain:
- Hard Drives, motherboards, and general storage components.
- Removable storage media such as:
- DVDs, CDs, Blu-Ray Disks (BDs), Flash Drives, and USB sticks, etc.
- Modern “Smart TVs” have storage capabilities
- Telecommunications equipment, photocopiers, and fax machines retain data.
In short, there is an enormous amount of equipment used in everyday business activities which retains data. Knowing this, helps to put the scale of the problem of disposing of it all, cleanly and securely, into perspective.
2. The non-compliance dangers
Let’s begin with the dangers of non-compliance. If you’re familiar with information management laws, you’ve almost certainly heard of GDPR, the all-encompassing piece of European legislation introduced in 2018. Since then, countries across the world have brought in similar pieces of data-protection legislation.
What this means for you is that securely disposing of all of that data is now a firm requirement by law. This isn’t just theoretical. We are increasingly seeing cases brought before courts about improper destruction of data, or organizations simply not destroying it at all.
3. Data Erasure and Secure Destruction
There are two methods of deleting that risky data that sits on your equipment.
-
Secure Destruction
This method totally destroys the storage items. In each case, the aim is to utterly destroy the piece of physical equipment, through grinding, crushing, or other methods. Prior to doing this though, one needs to ensure that all the data is erased.
-
Data erasure
In addition to simply destroying the physical equipment therefore, it is vital to remove the data. Removing the data provides a level of compliance and regulatory security, to protect organisations from the possibility of data breaches. Powerful software is used to completely remove any trace of data, right down to the binary layer on hard drives.
Where reformatting a hard drive will simply perform a pass that nominally “deletes” the data; data erasure overwrites everything right down to the lowest level, replacing it with a stream of zeroes, or other “pseudorandom” data. This should make any malicious data-recovery attempts next-to impossible.
Whether you choose to simply securely destroy the physical item, or to erase the data before hand is up to you. Although experts will generally advise employing both methods.
4. Sustainably recycling IT waste
If you are familiar the with GDPR regulations then you are also likely to be aware of regulations like the Environmental Protection and Management Act (Cap.94A), Hazardous Waste (Control of Export, Import and Transit) Act (Cap.122A) which regulate the generation, disposal, treatment, recovery of material or product, storage and labelling of scheduled wastes.
Never though, has the environment been a bigger topic. With all major organisations having to report on their environmental performance and what they are doing to drive a net zero position (and when), businesses need to take every opportunity to enhance their sustainability credentials.
This position is not only being driven by Governments around the world, and the United Nations with the UN Global Compact initiative, but by customers too.
Everyone needs to reduce their environmental impact, so customers are looking at suppliers and strategic partners, to ensure that they meet with their own environmental aspirations and goals. Disposing of redundant IT kit is a key part of any sustainable, carbon reduction, strategy and everyone needs to find an environmentally friendly way to dispose of old equipment.
No longer can this be considered a “branding exercise”. Having a structured approach to sustainability forms part of the “customer proposition” which will impact sales performance, sales revenues and the commercial bottom line.
IT waste disposal therefore needs to be thought of as an systematic process. From ensuring you’re getting the most out of what you already have with refurbishment, to procuring in a renewable way, to disposing of in a way that’s both sustainable, compliant with local laws and safe.
