How to Avoid a Data Breach

When disposing of your equipment, tossing hard drives without properly removing the information they contain can cost you money. Your business needs to ensure that all of your data is appropriately disposed of and that you aren’t putting you or your customer’s information at risk. By degaussing and then shredding your hard drives with an IT asset disposition (ITAD) company, you can protect your data and save your organization money. 

These steps use a variety of destruction methods to help keep your data safe from an expensive and embarrassing data breach. 

Step One: An Audited Equipment Collection

The first step to avoiding a data breach in your end-of-life equipment is to ensure that the company you hire to collect said equipment can provide you with an auditable and trackable IT inventory list. 

For example, at Securis, we tag every item we collect with an internal bar code and strip off all identifying information on the outside of your equipment. This also helps protect the chain of custody. By having a record of what’s been collected, it’s clear what has been handed over to your ITAD company. 

Step Two: Degaussing Hard Drives

After taking inventory of everything, it’s time to destroy the data. Before jumping to the shredder, you may want to consider degaussing your hard drives first. The degaussing process destroys information by changing the magnetic domain of the hard drive. 

While solid state drives (SSDs) aren’t able to be degaussed, we have microshredding data destruction and recycling services available for them. 

Step Three: Shred Hard Drives

After degaussing your larger magnetic hard drives, it’s time to throw them into our traditional shredder. While a degausser renders all data unusable, the degaussed hard drives still look the same as a perfectly functioning hard drive. 

 

Why is that a problem? If you put the two hard drives side by side, you may get them confused and accidentally recycle one that still has your information on it. By shredding, you ensure that you’re disposing of the proper equipment. Hard drive shredding will render all data unusable. 

Shredding services destroy SSDs and other smaller pieces of equipment. However, these cannot go into a regular shredder as they can slip through the cracks. For SSDs and other small data-containing devices, we use our microshredder. 

Step Four: Use a Certified ITAD Company to Recycle

By trusting environmentally responsible ITAD companies to recycle your unwanted and destroyed electronic equipment, you keep metals, plastics, and other perfectly usable materials out of our landfills! By choosing an R-2 certified company to dispose of your end-of-life equipment properly, you may protect yourself from lawsuits and data breaches. 

Securis can provide you with a certificate of destruction. This is beneficial for auditing purposes and peace of mind. With our services, you know that your hard drives and other equipment are being properly recycled with the circular economy at the forefront of our minds. 

Why?

Morgan Stanley is paying a $35 million fine to settle claims because they failed to protect the personal information of 15 million people. From 2015 to 2020, they improperly disposed of their hard drives. By selling these online without properly removing customer information, anyone who bought them had access to this information. 

Rather than using a company like Securis that has decades of experience disposing of information, Morgan Stanley used a moving and storage company that had no ITAD experience. The company they entrusted to protect their customer’s information sold thousands of the devices that they collected. 

Data security is vital to your customers in this day and age. Finding an ITAD company that you can trust with data destruction is vital. When you fail to protect your customers’ personal information, you can cost your company millions of dollars. 

Can You Make Money from End-Of-Life Electronics?

End-of-life electronics contain precious metals and elements, such as gold, silicon, platinum, and more. Your end-of-life computers and IT assets must be worth a fortune, right? Not exactly, but there are ways that IT departments can maximize the value of old IT equipment. The greatest value is when computers can be repurposed and upcycled, but some equipment is too damaged and must be dismantled and sold for scrap. 

Can You Make Money from End-Of-Life Electronics?

How IT Departments Can Maximize IT Asset Value

It may be tempting for an organization to keep employees on old technology. New electronic equipment is expensive, there’s downtime for installations and training, and any upgrade is disrupting. However, a survey recently found that $1.8 trillion (not a typo – TRILLION!) is lost each year due to technology that should have been retired. Old computers and other electronic devices are slower and often unable to be upgraded to the latest version. 

Make Money from End-Of-Life Electronics

Storage of End-Of-Life Electronics to Gain the Highest Recovery Value (Make Money from End-Of-Life Electronics)

Once a computer or server “dies,” it’s easy to dismiss and throw it in a trash bin for collection. Taking care of how you store these items may greatly increase the value you receive. However, you can make money from end-of-life electronics. 

Make Money from End-Of-Life Electronics

Here’s How to Make Money from End-of-Life Electronics

  • Store it safely without damage in dry, cool environments
  • Laptops should be placed on their sides if put in boxes. Be careful not to stack too many on top of each other on a pallet, which can damage the screens of bottom units. This is especially common in MacBooks.  
  • Don’t write or add labels to items that are still in the original boxes & packaging 

Data & Parts Removal

  • Hard drive data erasure can increase the value of retired equipment by 5-10%. Shredding or degaussing is costly and returns no additional revenue.
  • Keep the covers or panels with the unit (laptop).  Serial-numbered plastic pieces may not be recycled properly. A complete unit will return a higher value than if this part is missing or damaged.  
  • WiFi Cards, Optical Drives, and Memory (RAM) contain NO DATA. Mistakenly removing these parts can significantly limit an item’s resale value. Review the below examples to ensure only the hard drive is removed, or let Securis handle it for you.

Laptop Hard Drives and WiFi Cards

Hard Drives usually have a size capacity such as 256GB, 500GB, 1TB printed on the label.

hard drives and wifi cards that hold data and don't hold data

IT asset value recovery isn’t top of mind for most organizations. That concern only comes after obtaining peace of mind regarding keeping sensitive data safe. 4,145 publicly disclosed breaches exposed over 22 billion records in 2021. 

4,145 publicly disclosed breaches exposed over 22 billion records in 2021

Make Money from End-Of-Life Electronics

If you’re not sure what value your retired IT equipment holds, we’ll help you. Schedule an onsite visit with us with no obligation. We’ll come to you, evaluate your end-of-life equipment and let you know what we predict you’ll regain from your retired assets. 

Learn from Morgan Stanley’s Data Breach: Use a Certified and Experienced ITAD Company

Have you tried to reduce costs when it’s time to get rid of old IT equipment? Morgan Stanley learned the hard way that if you don’t properly dispose of electronic devices,  it will be costly for your company. 

The global financial services firm Morgan Stanley trusted a standard moving company to dispose of end-of-life IT equipment. It has been reported that this company had no experience in IT asset disposition (ITAD). The unnamed moving company sold hard drives and other equipment online, exposing Morgan Stanley’s client’s data. 

Most of us assume that when purchasing a second-hand hard drive, it’s been fully wiped of all previous data. However, if this equipment gets to the wrong people, it can be detrimental to your organization. By selling these non-degaussed or shredded hard drives, Morgan Stanley left their clients vulnerable to data leaks. 

Morgan Stanley failed to destroy their customer data correctly, and that oversight has cost them millions of dollars. 

How does a hard drive that’s been wiped still have data? 

Morgan Stanley was exposed by an IT consultant who purchased some of the hard drives. He wrote to Morgan Stanley stating they could get “some kind of verification of data destruction.” As a financial institution, Morgan Stanley has stringent guidelines that they need to follow regarding data destruction. 

Although the information isn’t easily accessible on wiped drives, someone with experience can recover critical data. 

Finding “Hidden” Information

A Comparitech study found that 3 in 5 second-hand hard drives still contained data from the previous owner. 26% of the hard drives had been formatted, but it didn’t take much effort for the data to be recovered. 

An organization that does not use professional data destruction services may miss out on opportunities to fully destroy sensitive data. By degaussing and hard drive shredding, you can ensure that all data is physically destroyed. 

Preventing Data Leaks

When it comes time for your company to get rid of old hard drives, computers, and various IT equipment, you need to find an agency that complies with all laws and regulations that your business needs to follow regarding personal data. 

Physical destruction is often vital regarding compliance in terms of financial, health, and other strictly regulated organizations. 

Securis complies with the following rules and regulations:

  • NIST 800-88 standards
  • DoD 5200.22-M data sanitization
  • HIPAA/HITECH
  • Sarbanes-Oxley Act
  • Gramm-Leach-Bliley Act
  • FACTA Disposal Rule
  • Bank Secrecy Act
  • Patriot Act of 2002
  • Identity Theft and Assumption Deterrence Act
  • US Safe Harbor Provisions
  • FDA Security Regulations
  • PCI Data Security Standard 
  • Various local, state, and federal regulations.

Failure to comply with regulations can lead to an embarrassing news story and cost your organization millions in settlement fees alone. Contact us to learn how we can help you stay compliant. 

What Happens to Recycled Computer Parts?

At Securis, we process, disassemble, and recycle as much e-waste as we can in-house. Recycling your computer with us ensures that nothing ends up in a landfill. Some recycled computer materials are processed by our downstream vendors. Each has been vetted and chosen for their certified expertise in handling specific hazardous materials. As a zero-landfill company, our e-waste recycling partners must be R2-certified. 

End-of-Life Computer Materials That Can Be Reused

Most of the materials we send out can be reused or repurposed. There are obvious valuable materials like gold, copper, and silver that can be reused in new computer parts and turned into jewelry. The less obvious materials, like old CRT glass, can be reused as ceramic tiles and tile glaze. 

CRT Glass

CRT glass does contain lead, making the glass highly fusible. Because it is so fusible, it reduces the energy needed to create new products like ceramic tiles and tile glaze.

 

Copper

8.7 tonnes of copper is recycled from end-of-life electronic products every year. It’s one material that can be reused repeatedly without losing its ability to perform. Additionally, reusing copper lessens CO2 admissions. Copper can be recycled into jewelry, wires, or even used for the same material it was used for previously. 

Shredded Software and Toner Cartridges

One of our vendors, Covanta, uses materials like shredded software and toner cartridges to provide power to more than one million homes. This helps keep methane out of landfills which reduces emissions from fossil fuel electrical production. Your recycled toner cartridges might be powering your house!

Sulfuric Acid

Sulfuric acid found in batteries can be turned into water by adding baking soda. Once it has been cleaned and meets clean water standards, it’s released into the sewer system. It can also be turned into sodium sulfate used in laundry detergent, glass, and textiles. 

Mercury

Mercury is often found in tubes in TVs and computer monitors. Ninety-nine percent of mercury can be recycled. Once extracted from items like mercury tubes, it can be reused in new products. This not only helps limit the amount of mercury in our environment but reduces the need for new mercury to be mined and used. 

The other one percent must be disposed of properly to protect our ecosystem. The EPA has established RCRA Subtitle C landfills. This is the best way to keep mercury out of our water systems. These landfills have been specifically created to ensure that substances like mercury aren’t entering our environment. 

Securis Can Help!

At Securis, we ensure our downstream vendors are R-2 certified and keep all materials out of landfills. We want to ensure that our environment is free of harmful elements. Contact us if you are interested in learning more about how we can help you! 

Securis’ E-Waste Recycling Statistics

securis statistics

  • In one month, we sell about 6,000 desktops If stacked on top of one another, they’d reach the top of the Empire State Building. In one quarter, we sell the equivalent of two Washington Monuments in height of laptops! That’s about 13,320 laptops.
  • Last year, we sold enough monitors to stretch three miles!
  • In one week, our processing team went through and disassembled 174,000 pounds of equipment. That is the maximum weight of a full Boeing 747!
  • Recently, we recycled 80,000 pounds of plastic. Keeping materials out of landfills is our priority! This happens to be the equivalent of a fully loaded 18-wheeler!

How to Protect the Chain of Custody During Data Destruction

Some businesses, governments, and other entities have a chain of custody requirement regarding data destruction. Securis has developed a meticulous and secure end-to-end process that brings technology, people, processes, and infrastructure together. This ensures the highest levels of quality throughout the entire chain of custody of end-of-life IT assets.

Our clients are always in the loop for each retired IT asset during certified data destruction and e-waste logistics. 

Securis’ on-site shredding services allow you to witness the physical destruction of hard drives, cell phones, solid state drives (SSDs), and more. We know that the physical destruction of electronics is vital, so we provide a variety of ways to perform those services. 

Types of Data Destruction

At Securis, we offer several on-site hard drive and data destruction services to best suit your needs. We’ll help you avoid an embarrassing news story due to a data breach. 

data breach

With our microshredder, your devices will be pulverized to a shred size of less than 2mm,  the NSA-prescribed particle size. This is one of the most effective ways to ensure complete data security for small items, such as SSD cards, chips, and other data-containing devices that would fall through the cracks of traditional shredders.

If you aren’t concerned with shred size and are looking to destroy larger items, such as standard disk drives, our traditional shredder will do the job well. 

Prior to shredding, or in lieu of it, you can opt for degaussing. This erases data from devices with a magnetic strip by scrambling information,  rendering it unreadable. Aside from the hard drives in most of the devices used today, it also works on VHS tapes, cassettes, LTO and DLT tapes, and other magnetic storage devices. Degaussing does not work on solid state drives or optical storage devices like CDs. 

Protecting the Chain of Custody

Our on-site destruction services assist in protecting any chain of custody issues you may face. We understand that often, you may need to witness the destruction of your SSDs and other storage devices. 

Securis has a mobile shredding truck. We will come to your office and let you watch as we shred your equipment. We can also provide you and your company with a certificate of destruction and an audit-ready IT inventory list to document that all equipment has been disposed of properly.

certificate of data destruction

Data that Securis Can Destroy

At Securis, we can destroy the data on a vast amount of end-of-life equipment. We accept hard drives, SSDs, floppy discs, CDs, tapes, and more to shred. Depending on size, we may opt to use our proprietary microshredder.

Anything that can store data needs to be properly disposed of. When we destroy SSDs, hard drives, and other devices on-site, we can help keep your data secure and save you time.