The continuous drive for increased processing power and more storage means there is a huge increase in the number of redundant servers and hard drives that need to be disposed of. Local IT Asset Disposal (ITAD) specialist Xperien says there are many factors one needs to consider when disposing of hardware.
Competitors could easily recover sensitive data from dumped servers and hard drives. They can then use that information to steal intellectual property (IP), access product development and research for their own use, headhunt customers or even use this data against one in future bids for work.
By their very design, servers are intended to store data. So when disposing of servers, it is important to carefully consider the data that may still be stored on the drives.
Xperien CEO Wale Arewa says to prevent such problems, one must either remove the hard drives and physically destroy them, or use a secure file deletion tool to ensure all information is unrecoverable. "A simple format of the drives is insufficient."
"Where your business handles personal data, there is a legal duty under Protection of Personal Information (PoPI) Act to prevent loss or theft of that information. Your business must be able to demonstrate that you have properly disposed of personal data and put it beyond recovery by unauthorised third parties," he explains.
He says to meet such requirements, your business will either need to employ a secure file deletion tool, or physically destroy the hard drives belonging to the server being disposed of. "If you are hoping to resell or donate it to charity, secure file deletion will leave you with a usable machine – otherwise it will require replacement drives, significantly reducing its value to a buyer."
However a business chooses to dispose of old servers, the key consideration must be to ensure that all data is securely deleted before the asset leaves the premises. Failure to do so could be extremely costly in terms of reputation damage, regulator fines and lost business. Get it wrong and retiring old servers could be one of your most costly undertakings ever.
When refreshing or disposing of old IT equipment, one needs to consider where the old equipment should go and how should one dispose of it. One also needs to determine whether the assets will be recycled or donated. This is a process that is extremely cumbersome and it is not simply about deciding on either process. With donations, one needs to comply with the Consumer Protection Act 68 of 2008.
The Act prescribes that even though a company is donating equipment, the recipient is entitled to equipment that is in proper working condition as well as a warranty. Alternatively, should one choose to recycle the item, the selection of a partner that understands the environmental risk is essential, especially considering that the liability is not easily transferable.
"If you are looking for the most environmentally-friendly solution, you should consider using a third party IT refurbisher. But with many IT refurbishing companies, you need to ask the right questions to certify that your old equipment is handled in the right manner and your data is protected," he concludes.
For more information contact Xperien on (011) 462-8806 or visit www.xperien.com