NIST 800-88 Infographic

Organizations across various sectors use NIST Special Publication 800-88 (SP 800-88) for media sanitization guidelines due to its comprehensive approach to securely erasing sensitive data and preventing unauthorized access. NIST SP 800-88 was originally developed for U.S. federal agencies under the Federal Information Security Management Act (FISMA) but is now used by healthcare organizations, financial institutions, educational institutions, private sector companies, and international organizations. By adopting NIST SP 800-88 guidelines, these organizations enhance their data security posture while ensuring compliance with both national and international standards. Below is a handy infographic detailing the guidelines for the three categories of NIST Media sanitization: Clear, Purge, and Destroy.   To learn more about the NIST 800-88 standard, please read our blog about NIST 800-88 here.

NIST 800-88 Infographic

Using Unified Endpoint Management Tools to Maximize IT Asset Value and Increase Security

 Using UEM Automation to Prepare Computers for ITAD

IT Asset lifecycle management, especially at end-of-life, can be complex and costly without the right tools. Unified Endpoint Management (UEM) systems can be invaluable in this process, helping organizations simplify asset preparation for secure IT recycling for end-of-life assets while providing valuable help with maintaining data security and optimizing environmental and operational goals throughout the asset’s life. 

As IT asset disposition (ITAD) professionals, we have learned that clients who employ UEM systems are more prepared for efficient and cost-effective disposition processes.  This blog discusses how UEM ITAD integration can simplify the journey from active use to the responsible retirement of end-of-life IT assets. 

UEM for ITADWhat is Unified Endpoint Management (UEM)?

UEM is a comprehensive platform that allows IT teams to centrally manage and secure all endpoint devices—laptops, desktops, mobile devices, IoT devices, and more. It goes beyond Mobile Device Management (MDM) by incorporating advanced features like device performance tracking, compliance management, and integration with security tools. UEM tools are typically integrated with security tools such as Managed Detection and Response (MDR) and Endpoint Detection and Response (EDR).

Common UEM tools in use at our customers include Intune, JAMF, IBM MaaS360, VMware Airwatch, Citrix, Connectwise, BigFix, Google Device Manager, Ivanti Nuerons, Cisco Meraki Systems Manager, and Absolute Software.

UEM  increases security and improves the management of computers throughout the IT asset lifecycle. Its capabilities make it a perfect ally in preparing IT assets for safe and efficient disposition.

How UEM Can Prepare IT Assets for Recycling with an IT Asset Disposition Vendor

  1. Comprehensive Asset Inventory: UEM tools provide real-time visibility into all endpoints within your organization. This centralized inventory makes tracking devices’ location, status, and configuration easy, ensuring no asset is overlooked during ITAD planning.  This inventory may be integrated with IT Asset Management (ITAM) databases like ServiceNow.
  2. Secure Data Erasure: UEM allows IT administrators to perform initial wipes before disposing of devices. This adds a layer of security to your IT recycling and complements Securis’ certified data destruction processes. As a NAID AAA-certified company, Securis ensures your devices are completely sanitized, including hard drive shredding or data purging, that meets or exceeds industry, state, and federal compliance standards. 
  3. IT Asset Lifecycle Management: UEM tracks device age, performance, and usage patterns, helping IT teams determine when an asset should be retired or recycled. Devices flagged for end-of-life can be prioritized for UEM-based preparation and secure IT asset recycling.
  4. Policy Enforcement: Features like BIOS locks, encryption enforcement, and Trusted Platform Module (TPM) settings protect your devices from breaches before they reach an ITAD vendor.
  5. Compliance Assurance: UEM platforms facilitate adherence to data protection regulations, such as GDPR or HIPAA, by standardizing data handling and ensuring devices meet compliance requirements throughout their lifecycle.

Issues with ITAD when BIOS locks are not removed from IT Assets

BIOS Lock

A BIOS lock is a security feature restricting unauthorized access to a computer’s Basic Input/Output System (BIOS) settings. The BIOS is responsible for initializing hardware components during the boot-up process, and setting a password can prevent unauthorized users from tampering with hardware configurations or altering system settings. UEM can automate the removal of BIOS locks and resetting devices, ensuring that customer data is removed and recycling or reuse happens quickly. However, BIOS locks can also slow down the ITAD process in several ways:

  1. Access Restriction: If a device is BIOS-locked and the password is unknown, it can prevent access to the system. This restriction can complicate the data wiping process, which is essential for ensuring that no sensitive data remains on devices before recycling, re-use, or resale.
  2. Hardware Configuration: A locked BIOS might prevent changes to the boot order or other hardware configurations necessary for running data erasure software from external media. This limitation can hinder the ability to erase data from storage drives.
  3. Disposal Challenges: For organizations disposing of large numbers of devices, managing BIOS locks can be resource-intensive. It may require additional time and effort to unlock devices or ensure they are disposed of securely without compromising data security.

To mitigate these issues, IT departments should use their UEM  software to reset the device, remove it from management, and wipe corporate data before the disposition process begins.  If this step is not performed and the asset has a bios lock, the asset will become stuck in limbo and unable to be sanitized to NIST 800-88 standards by the ITAD firm.

The Benefits of Removing BIOS Locks Before Initiating ITAD Service

Reasons to make sure that you remove BIOS locks before sending assets to a certified ITAD vendor include: 

  1. Frees Up Software Licenses: Removing corporate data and unregistering devices from management through UEM releases software licenses, making them available on newer devices.
  2. Enhanced Security: By wiping devices before sending them to an ITAD provider, UEM reduces the risk of breaches. Companies should choose a NAID AAA ITAD provider that will also sanitize the data, but an initial software sanitization is easy when automated and provides an extra layer of security for protecting data during storage or transport.
  3. Supports Environmental Goals Properly prepared devices have greater reuse or donation potential because value is reduced over time.  This process supports sustainability efforts and reduces e-waste.
  4. Speeds Up ITAD Processing: Devices reset and removed from UEM are ready for immediate processing by your ITAD vendor, saving time and ensuring quicker asset turnaround.

Your Next Steps in ITAD Success

By integrating UEM into your IT asset management strategy, your organization can unlock more value from its devices while ensuring data security and regulatory compliance. At Securis, we’re here to partner with you, offering certified ITAD services that complement your use of UEM. Together, we can streamline the final stage of your IT lifecycle and positively impact the environment.

Don’t let outdated devices slow you down.  Securis can make sure your IT Asset disposition projects are successful and efficient. Contact Securis today for a consultation on how UEM and certified ITAD services can benefit your business.

Secure Data Destruction and Responsible Electronics Recycling: Protecting Data While Helping Others

The Growing E-Waste Problem: A Call for Responsible IT Recycling

E-waste is dangerous for the environmentIn a fast-paced digital environment, businesses must constantly upgrade their technology to remain competitive. Millions of electronic devices are discarded or replaced yearly, creating an escalating e-waste recycling dilemma. Many of these devices still function perfectly but have become obsolete for corporate use. At the same time, there is a significant demand for technology in schools, non-profits, and developing communities. The challenge is ensuring that data security is not compromised while responsibly recycling these electronics. The solution lies in a robust process combining data security, electronic recycling, and environmental responsibility. Secure data destruction and IT recycling play a critical role in this effort, ensuring that sensitive information is completely erased without the complete physical destruction of hard drives. This ultimately benefits the schools or non-profits that receive the donated electronic assets and keeps e-waste out of the environment. 

A Comprehensive Solution for Secure Data Erasure and Electronics Donation

Ensure all device data is fully sanitized and/or destroyed before donating or sellingUltra-secure IT recycling services, such as those offered by Securis, provide businesses an efficient and responsible way to recycle computers and donate electronics. Securis ensures that companies can donate their old equipment without exposing sensitive corporate data to risk by utilizing secure data destruction techniques. Companies can confidently recycle their electronics using advanced data erasure software and certified destruction processes, allowing them to donate these unneeded IT assets with the assurance that their data has been completely and securely destroyed before donation. 

 

The Process of Secure Data Erasure and Electronics Recycling 

  1. Securis mobile ServicesCollection and Inventory
    Securis starts by collecting and inventorying the company’s outdated devices. Every item is carefully cataloged to maintain a complete chain of custody.
  2. Data Erasure and Destruction
    The data destruction process can occur onsite using our mobile services or offsite at the secure Securis facilities. Using advanced software, Securis completely overwrites all data on the devices, ensuring no recoverable data remains. This secure data erasure is a far more secure solution than simple file deletion or re-formatting.
  3. Verification and Certification
    After the data is securely erased, each device is verified to confirm that no data remains. Securis then provides a certificate of data destruction for each device, which can be used to prove compliance with industry regulations and offer peace of mind.
  4. Refurbishment
    Once the devices are completely wiped clean, they are refurbished if necessary. This may involve cleaning, minor repairs, or software updates to ensure the devices are in good working condition for their next user.
  5. Donation or E-Waste Recycling
    Finally, the refurbished electronics are ready to donate to schools, non-profits, or other needy organizations. If the devices are beyond repair, they are responsibly recycled, ensuring they do not contribute to harmful environmental impacts. Our R2V3 certification ensures environmentally responsible electronics recycling practices.  

Meeting Global Standards for Secure Data Destruction

hard drive data destructionSecuris’ data erasure processes meet or exceed industry standards such as NIST 800-88 and the U.S. Department of Defense’s DoD 5220.22-M. We also comply with many other specific industry standards for data protection, as detailed on this web page.  Our mobile services and facilities are NAID AAA certified to ensure the highest data security standards. 

Benefits of Secure Data Destruction and IT Recycling for Companies

Partnering with Securis for IT recycling and secure data destruction offers numerous advantages for businesses:

  • Enhanced Data Security: Companies can rest assured that their sensitive data will not be exposed to unauthorized individuals, minimizing the risk of data breaches and the associated financial and reputational damage.
  • Regulatory Compliance: Securis’ certified data erasure process helps companies meet strict industry regulations, providing comprehensive documentation for data protection compliance.
  • Corporate Social Responsibility (CSR): Donating refurbished electronics supports communities in need and enhances a company’s CSR efforts, improving its public image and potentially providing tax benefits. 
  • Environmental Impact: Companies that donate working devices reduce e-waste and contribute to environmental sustainability. Devices beyond repair are responsibly recycled in compliance with e-waste recycling standards.
  • Cost-Effective: The cost of securely erasing data and donating or recycling electronics is significantly less than the risks associated with data breaches or the storage costs of outdated devices.

Real-World Impact: Bridging the Digital Divide Through Donations

Bridging the Digital Divide Through Donations The benefits of computer and device donation extend beyond the donating company, making a significant impact on communities in need:

  • Bridging the Digital Divide: Many schools and non-profits operate with limited resources, making it difficult to provide up-to-date technology. Donations of refurbished electronics help close this gap.
  • Supporting STEM Education: Donated devices provide students with hands-on experience, support STEM education, and prepare them for careers in technology and engineering.
  • Empowering Entrepreneurs: Some donated devices are given to small businesses or aspiring entrepreneurs, helping them get the technology they need to grow their ventures.
  • Global Impact: Donated recycled electronics can also be shipped to developing countries, where they improve access to technology, education, and healthcare, making a lasting difference in underserved communities.

Choosing the Right Partner for Data Security and IT Recycling

When selecting a partner for secure data destruction and electronics recycling, choosing a reputable provider like Securis is essential. With certifications such as NAID AAA and R2v3, Securis ensures that your electronic assets are handled securely and responsibly. Securis also offers comprehensive logistics solutions to simplify the process, even for large enterprises with multiple locations.

The Future of E-Waste Recycling and Electronics Donation

reduce e-waste and support the environmentAs technology evolves, the need for responsible e-waste recycling and secure IT recycling will only grow. Increased awareness of data protection and electronic recycling challenges will likely encourage more companies to adopt IT Asset donation programs. This shift towards a circular economy, where devices have multiple lifecycles, will help reduce e-waste and support environmental and social causes. 

Conclusion: Protecting Data and the Planet with Secure Electronics Recycling

In an increasingly digital world, data security and environmental responsibility are critical priorities. With services like secure data destruction and IT recycling, companies can protect their sensitive data while contributing to a more sustainable and equitable future. By partnering with trusted providers for e-waste recycling, businesses safeguard their information and help bridge the digital divide, support education, and reduce environmental impact. It’s a win-win for both business and society.

As we move toward a more sustainable digital future, the importance of secure IT recycling and data protection will continue to grow. Companies that prioritize responsible IT Asset disposal today will be better positioned to meet the challenges of tomorrow.