Todays business landscape is dramatically different than just 2 years ago. Gone are the days when disposal of computer equipment required nothing more than a simple walk to the dumpster to “drop off” old, worn-out equipment.
In todays Gramm-Leach-Bliley, Health Insurance Portability and Accountability Act and Sarbanes-Oxley world, proper disposal of computer assets presents a variety of new challenges and risks to businesses. The “risks” associated with end-of-life (EOL) computer disposal include new government compliance regulations, data security concerns, environmental dangers, escalating disposal costs and administrative issues.
However, the news is not all bad. Handled properly, retired computer assets represent opportunities to produce significant income while helping to reduce your businesss total cost of technology ownership.
During the past few years, there has been a marked increase in government regulations dictating how enterprises should conduct business and safeguard the personal data they collect. Such government regulations were enacted to protect customers personal financial dataincluding name, address, Social Security number, account numbers or nonpublic personal data, patient medical records and other personal health care informationand to maintain an adequate internal control structure and procedures for financial reporting.
Government regulations have awakened businesses to the need for erasing all data from computer assets before disposal, including the need for documenting the process of drive erasure. Disposing of computer assets without ensuring proper file deletion presents huge business risks, as well as the danger of non-compliance with federal laws. Loss of sensitive data though ineptitude or theft could lead to multimillion-dollar awards to plaintiffs.
When considering data erasure, there are at least 4 levels to choose from. Equally important, special equipment and software are needed, as well as skilled technical people. Without these 3 elements, data often can be easily taken off supposedly erased media.
For hard drives and other media with no value, media destruction will prevent data theft.
Again, there are several options including drilling, shredding and melting of media. The crucial step for ensuring erasure is to match the level of data security need to the corresponding level of erasure technology.