How to Avoid a Data Breach
When disposing of your equipment, tossing hard drives without properly removing the information they contain can cost you money. Your business needs to ensure that all of your data is appropriately disposed of and that you aren’t putting you or your customer’s information at risk. By degaussing and then shredding your hard drives with an IT asset disposition (ITAD) company, you can protect your data and save your organization money.
These steps use a variety of destruction methods to help keep your data safe from an expensive and embarrassing data breach.
Step One: An Audited Equipment Collection
The first step to avoiding a data breach in your end-of-life equipment is to ensure that the company you hire to collect said equipment can provide you with an auditable and trackable IT inventory list.
For example, at Securis, we tag every item we collect with an internal bar code and strip off all identifying information on the outside of your equipment. This also helps protect the chain of custody. By having a record of what’s been collected, it’s clear what has been handed over to your ITAD company.
Step Two: Degaussing Hard Drives
After taking inventory of everything, it’s time to destroy the data. Before jumping to the shredder, you may want to consider degaussing your hard drives first. The degaussing process destroys information by changing the magnetic domain of the hard drive.
While solid state drives (SSDs) aren’t able to be degaussed, we have microshredding data destruction and recycling services available for them.
Step Three: Shred Hard Drives
After degaussing your larger magnetic hard drives, it’s time to throw them into our traditional shredder. While a degausser renders all data unusable, the degaussed hard drives still look the same as a perfectly functioning hard drive.
Why is that a problem? If you put the two hard drives side by side, you may get them confused and accidentally recycle one that still has your information on it. By shredding, you ensure that you’re disposing of the proper equipment. Hard drive shredding will render all data unusable.
Shredding services destroy SSDs and other smaller pieces of equipment. However, these cannot go into a regular shredder as they can slip through the cracks. For SSDs and other small data-containing devices, we use our microshredder.
Step Four: Use a Certified ITAD Company to Recycle
By trusting environmentally responsible ITAD companies to recycle your unwanted and destroyed electronic equipment, you keep metals, plastics, and other perfectly usable materials out of our landfills! By choosing an R-2 certified company to dispose of your end-of-life equipment properly, you may protect yourself from lawsuits and data breaches.
Securis can provide you with a certificate of destruction. This is beneficial for auditing purposes and peace of mind. With our services, you know that your hard drives and other equipment are being properly recycled with the circular economy at the forefront of our minds.
Why?
Morgan Stanley is paying a $35 million fine to settle claims because they failed to protect the personal information of 15 million people. From 2015 to 2020, they improperly disposed of their hard drives. By selling these online without properly removing customer information, anyone who bought them had access to this information.
Rather than using a company like Securis that has decades of experience disposing of information, Morgan Stanley used a moving and storage company that had no ITAD experience. The company they entrusted to protect their customer’s information sold thousands of the devices that they collected.
Data security is vital to your customers in this day and age. Finding an ITAD company that you can trust with data destruction is vital. When you fail to protect your customers’ personal information, you can cost your company millions of dollars.