What is ITAD and How Does it Work?
What is ITAD?
IT Asset Disposition, or ITAD, is the process of recycling and disposing of old electronic equipment and other IT resources in an organization using practices that are not only safe and secure, but also environmentally-friendly.
And according to Michael Blumberg’s 2014 ITAD Trends Report, data security is the number one reason why organizations across the country are increasing engaging IT asset disposition services.
It is a fully fledged process and when the due procedures are not followed, organizations can fall victim to data breaches and consequently, legal liabilities.
These days, the idea of recycling your IT equipment is a given. However, how you do it is becoming more important than ever before.
That’s where ITAD comes in…
Choosing the Right ITAD Company: 3 Things to Consider
To retire your equipment in a safe and orderly manner, it is ideal to partner with a reliable IT asset disposition company. This will see to it that you meet all the legal, environmental and data security requirements. This is also essential for the success of the entire process.
Look for a vendor who is able to offer the complete end to end result while boosting your revenues from the IT asset disposition.
Here are the three main considerations you should think about when sourcing for ITAD services:
1. Reputation and Quality of Service
You need to ensure the company you partner with has the credentials to maintain data destruction integrity.
If you plan to pass your information to a third party, it’s in your interests to ensure the process is smooth and secure. Imagine what would happen if data and information vital to your business such as customer details were to fall into the wrong hands?
This can open you to all kinds of fines, lawsuits and a damaging negative publicity.
2. Range of Services
Does the ITAD vendor provide more than just the basic ITAD services?
It’s recommended to partner with a vendor who is able to offer acquisition and ancillary services as well. But, you need to assess the needs of your organization against the services offered by a potential vendor before getting into any sort of agreement.
3. Compliance With Regulations
A suitable vendor should be financially stable, and have the proper audit controls and data security measures. This will put you in a good position to meet the set laws and regulations as well as the industry best practices.
Preparing for IT Asset Disposition
The first step towards achieving a successful IT asset disposition should be to perform a self assessment of your current IT resources.
You should be able to identify the elements that are inefficient, outdated or incompatible with company goals.
- Identify your disposable assets – Not all company assets are suitable for ITAD. Create an inventory and ascertain if your vendor is able to deal with the kind of assets in your organization. Commonly accepted assets range from computers and printers to data center resources such as servers, routers, and switches among others.
- Know the duration of the service – A long term partnership is preferable to a one-time service. Having a long term partner will help streamline the logistics and in so doing save time and money. However, the choice is more likely to depend on the size of your company.
- Evaluate your data protection options – There are varied data destruction methods that you can use depending on your organization’s data security policies. This range from data wiping or hard drive shredding to the complete destruction of all data containing devices. Your vendor should help you ensure compliance to both the company and industry policies.
Know What ITAD Industry Standards Apply to You
IT asset disposition should be done in accordance with industry regulations and standards. These include:
- HIPPA/HITECH- The Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act are federal regulations that govern the privacy and security of healthcare data.
- SOX- Sarbanes-Oxley Act of 2012 is a federal law that sets standards for public companies and their management.
- FACTA- The Fair and Accurate Credit Transactions Act is meant to protect consumers from identity theft. It requires organizations to institute a proper disposal of consumer information.
- PCI- This stands for Payment Card Industry Data Security Standard. Although not required by federal law in the US, its implementation differs from state to state. PCI DSS is strict on any form of access to cardholder data.
These rules and regulations are continually evolving and therefore require a great deal of attention to detail. Request for reports and certifications from your vendor to make sure the process runs as smoothly as it should.
At All Green, we provide quality asset retirement services designed to maximize data security and asset value. Being a leading certified company, we make it our uttermost duty to ensure our services meet our client’s exact needs. Contact us today or request a free quote.