| |||||||||
| |||||||||
Current Filter: >>>>>> EOL - Getting it right! Editorial Type: Industry Focus Date: 05-2015 Views: 3075 Key Topics: Security End of life IT Recycling Data Auditing Key Companies: EOL IT Services ADISA Sims Lifecycle Services Key Products: Key Industries: | |||
| In a world where data proliferates – and is growing at a staggering rate - ensuring end-of-life (EOL) sensitive data and intellectual property is erased both securely and cost-effectively is crucial. But exactly how do you achieve that goal? Organisations have an ever increasing volume of data stored across a multitude of media, including virtual systems, USB drives, tapes, memory cards, HDD - all of which requires managing. One of the biggest challenges facing organisations, IT providers and IT recycling companies is ensuring end-of-life sensitive data and intellectual property is erased securely and cost-effectively.
• Who should you turn to, in order to get this right?
DEEP INSIGHTS A recent survey showed that less than 30% of clients manage the engagement in accordance with the Information Commissioner's Office guidelines. "Contracts, audits and clear service specifications should really be routine," adds Mellings, "but sadly there is a tendency to allow retired assets to leave with only cursory scrutiny of the companies to whom you entrust terabytes of personal and corporate data. "We have also seen that business clients are still preoccupied with magnetic hard drives. There are countless companies that satisfy themselves with a comfort blanket of certificates of hard drive destruction - or a confident position that 'we're okay, because we shred our hard drives'," he continues. "A failure to understand that data resides on many different media is a common issue." The industry itself is maturing quickly and there is a clear movement from those who just want to recycle or sell old equipment to those who are creating a genuine service, he adds. "However, the sector is still awash with huge variations in acceptable practice. In our time, we have seen practices including: allowing drives that have failed a wipe to be shipped downstream for repair before being sold without client consent; damaged phones being sold for repair (often overseas and still with data on); assets being triaged at point of entry and only those that have value being processed, whilst the remainder are sent (intact) downstream for 'recycling'. "Finally, we have seen certificates of data destruction being issued before the assets have been processed and, in one case, certificates of hardware destruction issued to a customer when the hardware itself was right in front of me. Of course, these get weeded out within the certification process, but they persist in some quarters of the sector." So, while there is concern from businesses that they need to protect their data at end of life, poor practice is endemic, from both end users and within many parts of the industry, which is so basic that the starting point for improvement doesn't need to be particularly sophisticated, Mellings argues. "Improvement should be started at C Level by identifying this, perhaps unfashionable, business process as being a critical element within the overall data protection battlefield. By raising the profile of this process, improvements can be made by greater appreciation and understanding. Speak to the leading suppliers of products and services in this sector and learn from them. They have the expertise and focus, which can help you ensure your name won't be in the headlines next time an asset with data on is purchased off an auction site."
Page 1 2 | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |