New issue out now!

Page 29 from: New issue out now!

TECHNOLOGY EXPERTS Why data security is a big part of the recycling process whether devices are in use or have been col- lected for recycling. There are several areas throughout the e-recycling process where, without adequate securit...

Read the entire page

TECHNOLOGY EXPERTS

Why data security
is a big part of the
recycling process

whether devices are in use or have been col-
lected for recycling. There are several areas
throughout the e-recycling process where,
without adequate security protocols in place,
items and data can be at risk.’

what are among the most stolen
types?
‘When it comes to cargo theft specifically,
electronics are among the top six commodities
globally. Two-thirds (66%) of these thefts hap-
pen while a cargo is in transit with 11% occur-
ring in the warehouse. Electronics recyclers
today have to consider how they will help
transport equipment back to their facility
securely, how to maintain security of the
equipment once it arrives and again when it is
prepared for further processing.’

what Is the fIrst step of recy-
clIng?
‘Many businesses choose reuse of their
replaced or retired IT equipment as an option
to deliver the most returned value. A qualified
and experienced IT asset disposal (ITAD) ven-
dor can present you with an opportunity for a
new revenue stream and the process alone
helps minimise your overall environmental
impact.
It is recommended you use an appropriate
partner when considering reuse of equipment.
If the recycling vendor is also managing the
reuse of equipment, look into the data wiping
and erasure services they provide to ensure
they are performed appropriately. For exam-
ple, the National Association of Information
Destruction (NAID) conducted a study regard-
ing devices resold in “regular commerce chan-
nels” and found that 40% still contained per-
sonally identifiable information.

Here is some information to reference when
vetting your ITAD provider’s reuse process:

IrresponsIble recyclIng can
Increase physIcal data threats
The process of e-recycling involves the collec-
tion, testing/tracking, re-marketing and final
disposition and recycling of materials.
Depending on what condition the IT assets are
in upon collection, data may remain on stor-
age devices.
When working with a legitimate recycler, there
will be some sort of mechanical operation and
infrastructure in place to dismantle devices,
separate their components (including removal
of any hazardous waste) and shred materials
into different sorts. Once shredded, the mate-
rial is again separated and commodities of
value are sent to downstream recyclers and
refineries for reuse. These refined commodities
are then sold to manufacturers to be made
into new products.
There have been some circumstances, howev-
er, where these steps were not taken and
devices have ended up dumped in developing
countries. When this happens, it not only
becomes an environmental disaster, as well as
a PR nightmare, but can also leave you at risk
of data exposure.

In some cases, data can be
retrIeved from hard drIves
shredded for recyclIng
Believe it or not, if somebody really wanted to
try to retrieve data from a shredded hard
drive, there are ways they could attempt to
rebuild the data from the shredded pieces.
While this is very unlikely, it is possible given
sufficient motive. For this reason, taking extra
effort when considering data destruction ser-

vices may go a long way to protecting you in
the end. Considerations for ensuring data
destruction might include:
• Erasing data (via degaussing or wiping) prior

to shredding
• Witnessing data removal and destruction

processes
• Reviewing security standards implemented

and maintained by your recycler or data
destruction vendor

The top security standards that vendors
around the world may hold include:
• national association for Information

destruction (naId) aaa certification –
Global – secure data destruction industry’s
standards setting and oversight body.

• transported asset protection association
(tapa) – North America – freight security
requirements standard.
• Information security management system

(Iso 27001) – Global – relates to the recy-
cling of e-waste, asset management involv-
ing secure data eradication and the repair
and reuse of electrical and electronic equip-
ment.

• assured service (sanitisation) scheme
(cass) – United Kingdom – scheme offered
by National Cyber Security Centre for compa-
nies wishing to provide sanitisation services to
owners of highly classified Government data.

Electronics recycling is viewed from an envi-
ronmental perspective as preserving resources
and minimising waste but, as you can see,
these services can provide much more value
than that. It is recommended to take your IT
asset disposal and electronics recycling pro-
gramme seriously and consider all security
aspects of the process as well as ensuring
your company data, brand and liability are
protected.’

28-29_simsrecycling.indd 29 15-04-20 16:50