The business world is always moving, and we mean that literally. Companies frequently find themselves needing to upsize, or downsize, or simply move to a preferable location. A change of premises often means a change of equipment; new computer systems installed, the old outmoded kit recycled or discarded. But would you think to pay any mind to the data stored on that hardware? Sure, you’ve kept backups of everything important – but what about the risk of a data breach from confidential information left on those devices? Your old hard drives, USB sticks, mobile phones and other kit could well contain private data such as customer contact info, employee records, or even banking details. It’s essential that any equipment which holds, or previously held, sensitive data, is properly and securely disposed of.
So what’s the best way to dispose of these items and the precious data they hold? In our experience, we’ve noticed many businesses will opt for a third-party solution, such as a recycling company, or a disposal firm which makes on-site visits with an industrial shredder. Such companies are naturally of great benefit, as the majority of businesses aren’t large enough for in-house recycling and equipment disposal to be economically viable. Shredding machines capable of destroying hard drives and other electronic media, for instance, can easily run into the tens of thousands. External companies offer a hassle-free solution; they’ll take your old hardware off your hands and dispose of it for you.
But can they be trusted? When you hand over your hard drives – and thus, your sensitive data – to third parties, you can’t be sure what they’re doing with it. Many firms claim to offer a “secure chain of contact” with a certificate validating the security of the items to be disposed of, but the fact of the matter is, if a company is taking confidential information away from your premises, without your supervision, anything could happen. Some businesses around the world, particularly those with a focus on security, disallow any equipment from being taken off-site without proper sanitisation first; this is a practice which more organisations could learn from.
Did you know there are notable examples of data not being properly removed by recycling firms? In 2012, the Brighton and Sussex University Hospitals NHS Trust fell victim to one such firm. A contractor they trusted to dispose of hundreds of hard drives holding confidential patient data, instead resold the drives on eBay. The drives were bought, the data was found, and it wasn’t the contractor but the NHS Trust which received a massive £325,000 fine. Thus, it’s of vital importance that third parties are thoroughly vetted – or removed from the equation altogether.
Securely erasing or destroying old hard drives and other equipment needn’t be a hassle or a risk. A degausser is a device capable of totally wiping old hard drives in just a few seconds – simply place a drive inside the degausser drawer and it’s completely destroyed. Degaussing meets and exceeds the recommended global standards for what’s called “data sanitisation”. Using a degausser to erase drives prior to disposing of them is affordable for any business; talk to us about the possibility of renting or leasing a degausser, or working with one of our trusted recycling partners near you.