As we get savvier about how vulnerable company data is on old IT equipment, the less-reputable electronics recyclers will have to struggle to keep their business. They’ll offer all kinds of “certifications”, but if it’s not backed up by regulations and best practices, these certifications aren’t worth the paper they’re written on.
Apto Solutions goes into why you shouldn’t trust a Certificate of Destruction as proof that your data was sanitized properly—they’re just not enough to give you peace of mind:
“Certificates of destruction are remarkably easy to make and remarkably easy to fake. They offer no proof other than a signature (and raw hope) that the data has actually been sanitized from the device. Look, we don’t hate certificates of destruction – we provide them to our customers every day – they are just not good enough on their own.”
Data Destruction Certificates Aren’t Enough. So What do You Need?
If certificates aren’t enough, then what do you need? Well, you’ll actually need two things:
- A secure chain of custody
- Legal responsibility
A responsible IT asset disposition provider won’t just say they’ll take responsibility for your equipment—they’ll document it, and prove it.
Tweet This! “A responsible ITAD provider won’t just say they’ll take responsibility for your equipment—they’ll document it, and prove it” Tweet This!
We’ve talked a lot in the past about how important the chain of custody is to data security? Why? Because it’s important for accountability. Written logs offer proof of who handled the equipment, how the data was destroyed, and who was responsible for it at the time.
Good ITAD providers don’t mess around with your data security, because they know the financial, legal, and PR consequences of a data breach.
Who is legally responsible for the data at any given time matters. Qualified companies are confident in their processes, and offer peace of mind by taking legal control of the equipment throughout the data destruction process.
You won’t be able to control the data throughout the entire process, so it’s essential to be able to trust the company you’re working with to handle confidential information safely. Your peace of mind depends on it.
What This Means for Your Company
Don’t depend on a piece of paper with a signature as evidence of secure data destruction. Do a little research before you choose an IT asset disposition company to handle your old electronics, and make sure you will know what is happening with your data during each step of the process.
Not sure if you’re data is being handled properly? Contact us for a security audit today!
At ICT, we’re all for anything that keeps electronics out of landfills. That’s why we tailor our electronics recycling solutions to fit each company’s unique needs.
Susannah Bruck is a freelance blogger, editor, and ghostwriter. She has been putting her skills to use for clients since 2010, and enjoys working on formats ranging from blog posts to short stories and plays. You can find her at World Adventures