A new report from According to a release,
-Organizations dispose of IT storage devices to avoid risk: More often than not, an organization's goals in enacting a Secure IT Asset Disposition policy focus on mitigating risks like losing proprietary data or avoiding legal and compliance headaches associated with protecting privacy. However, other positive benefits of a SITAD program like reducing space issues or recouping financial investments are largely overlooked, with the exception of sustainability, which 63 percent of respondents cite as a program goal.
-Enterprises struggle with SITAD program implementation and compliance: Almost half of respondents - 46 percent - acknowledged that they either don't have a formal SITAD plan or that their formal plan isn't widely adopted across their organization. Findings indicate that the lack of widespread compliance among employees stems from insufficient education about SITAD policies or inadequate oversight in how employees implement those policies.
-IT and business executives agree that SITAD is a significant concern: Three quarters of both business leaders and their IT counterparts state they are either concerned or very concerned about potential shortcomings in their SITAD programs. That concern doesn't seem to translate into program improvements, however, due to the misperceptions that comprehensive programs cost more and that flaws in their current systems aren't posing urgent risks for the organization.
-Third-party specialists are primarily utilized for hardware disposal: Sixty-four percent of respondents currently leverage outside SITAD experts to some degree - notably to dispose of hardware, including data center equipment like servers and computers and mobile phones. However, organizations can further leverage third- party specialists for guidance on strategy and success metrics. While cost is cited as the biggest obstacle in pursuing help from outside resources, third-party experts can often save organizations money by assessing the value of decommissioned equipment and then recycling it to recoup a portion of the original investment.
"The secure disposition of IT assets will continue to be a top priority for organizations as we face increasingly complex technological, legal and compliance environments," said
In light of the survey's findings, Iron Mountain said it offers the following SITAD tips and best practices:
-Ensure all computer media and associated data is permanently destroyed and non-recoverable before disposing of the storage device.
-Establish a defensible, documented, and repeatable process to prepare, handle or transport, and destroy the data that resides on electronic media.
-Improve audit readiness using workflows that include security personnel assigned to monitor the destruction process.
-Ensure media scheduled for offsite destruction is securely transported with dedicated routes, 24x7 GPS tracking, thoroughly vetted drivers and a well-documented chain-of-custody.
-Avoid inadvertent disclosures by destroying sensitive or unencrypted data in the right manner at the right time.
-Establish methodologies that ensure reliability and consistency from collection through final destruction of end-of-life IT assets.
-Pursuing third-party vendors that are e-Stewards Certified Recyclers, meaning they adhere to the highest standard of environmental responsibility and worker safety, while protecting human health and the global environment.
((Comments on this story may be sent to firstname.lastname@example.org))
A new report from
According to a release,