Obsolescence is a fact of life in the IT world. Speak to any IT Manager in any organization about the sheer quantity of smartphones, tablets, laptops, desktop computers, components, TVs, and more that needs to be disposed of. It’s an entire job unto itself.
In Africa alone, an estimated two million tons of electronic waste is disposed of annually, both at a consumer and corporate level. When discussing the world, this figure is many orders of magnitude higher. This represents an enormous environmental challenge, not least because developing countries are increasingly pushing back against “waste dumping” from developed countries.
On top of that, the regulatory environment around how to dispose of this equipment sustainably, as well as securely destroy the data on it, is becoming ever more fraught with risk. We’ve discussed the dangers of not securely destroying data before, but in a nutshell: fines for negligence and non-compliance can now total up to five percent of top-line revenue.
So having a proper IT asset disposition plan around how to deal with your organization’s electronic waste seems like a “no brainer”.
WHAT EXACTLY IS “IT EQUIPMENT”?
“IT equipment” or “electronic waste” can refer to a broad range of different types of equipment, all of which can store data in some form and all of which, therefore, require appropriate “disposal” at the end of their lifespan.
This includes, but is not limited to:
- PCs, Laptops, Tablets and Smartphones. All of which contain:
- Hard Drives, motherboards, and general storage components.
- Removable storage media such as:
- DVDs, CDs, Blu-Ray Disks (BDs), Flash Drives, and USB sticks, etc.
- Modern “Smart TVs” have storage capabilities
- Telecommunications equipment, photocopiers, and fax machines retain data.
In short, there is an enormous amount of equipment used in everyday business activities which retains data. Knowing this, helps to put the scale of the problem of disposing of it all, cleanly and securely, into perspective. Consider implementing a proper data destruction policy for your company.
The non-compliance dangers
Let’s begin with the dangers of non-compliance. If you’re familiar with information management laws, you’ve almost certainly heard of the POPIA Act, and GDPR, the all-encompassing piece of European legislation introduced in 2018. Since then, countries across the world have brought in similar pieces of data-protection legislation.
What this means for you is that securely disposing of all of that data is now a firm requirement by law. This isn’t just theoretical. We are increasingly seeing cases brought before courts about improper destruction of data, or organizations simply not destroying it at all.
Data erasure and secure destruction
There are two methods of deleting that risky data that sits on your equipment.
This method totally destroys the storage items. In each case, the aim is to utterly destroy the piece of physical equipment, through grinding, crushing, or other methods such as hard drive shredding. Prior to doing this though, one needs to ensure that all the data is erased.
In addition to simply destroying the physical equipment therefore, it is vital to remove the data. Removing the data provides a level of compliance and regulatory security, to protect organisations from the possibility of data breaches. Powerful software is used to completely remove any trace of data, right down to the binary layer on hard drives.
Where reformatting a hard drive will simply perform a pass that nominally “deletes” the data; data erasure overwrites everything right down to the lowest level, replacing it with a stream of zeroes, or other “pseudorandom” data. This should make any malicious data-recovery attempts next-to impossible.
Whether you choose to simply destroy the physical item, or to erase the data before hand is up to you. Although experts will generally advise employing both methods for maximum data security protection.
Sustainably recycling IT waste
In Africa, if you are familiar with GDPR and POPIA regulations, you are also likely to be aware of regulations like The Waste Electrical and Electronic Equipment (WEEE) Directive in the U.K., which set targets against the collection, recovery, and recycling of electrical equipment, almost 20 years ago.
Never though, has the environment been a bigger topic. With all major organisations having to report on their environmental performance and what they are doing to drive a net zero position (and when), businesses need to take every opportunity to enhance their sustainability credentials.
This position is not only being driven by Governments around the world, and the United Nations with the UN Global Compact initiative, but by customers too.
Everyone needs to reduce their environmental impact, so customers are looking at suppliers and strategic partners, to ensure that they meet with their own environmental aspirations and goals. Disposing of redundant IT kit is a key part of any sustainable, carbon reduction, strategy and everyone needs to find an environmentally friendly way to dispose of old equipment.
No longer can this be considered a “branding exercise”. Having a structured approach to sustainability forms part of the “customer proposition” which will impact sales performance, sales revenues, and the commercial bottom line.
IT waste disposal therefore needs to be thought of as an systematic process. From ensuring you’re getting the most out of what you already have with refurbishment, to procuring in a renewable way, to disposing of in a way that’s both sustainable, compliant with local laws and safe.