You shouldn’t recycle your data
The amount of IT hardware produced and consumed worldwide every day never ceases to amaze me. From our collective personal lives revolving around mobile devices, laptops, desktops, USB hard drives, and more, to the bigger picture of data center growth and all things IT-related, IT hardware expands exponentially every day.
And with that comes two concerns that everyone must be aware of: the impact on our environment as it pertains to where and how these materials are disposed of and, equally as important, what steps are taken before they are securely wiped of all data and disposed of safely.
What actually prompted the idea for this blog was a simple consumer experience that I had a few days ago. I was with a friend who needed to stop at a local mobility store to buy a new phone because he had dropped his and the screen had broken. And, given the age of the phone and its worn condition even before the damage, it was time for a new one anyway. So, my friend bought his new phone and then proceeded to throw his old one into the cardboard receptacle at the store without giving any thought to what the consequences might be: by not securely wiping his old phone before tossing it, he was, potentially, handing over every bit of personal data he had.
Now, I’m not trying to be alarmist, nor am I saying the mobile carrier in question doesn’t handle such abandoned hardware with care, but the number of holes in the road to the landfill is a potential unknown. And, as the guy who is ultimately responsible for an entire division of Inteleca that facilitates the secure destruction of enterprise-grade hardware annually on behalf of its customers, this small but significant act really made my blood pressure spike.
You see, even within many of the biggest companies in the world, there is often the belief that disconnecting a server and smacking it with a hammer is enough to eliminate the threat of data breaches—the leak of the highly confidential corporate files residing on these machines that can’t be wiped with just a swift kick and drop into a dumpster.
Data is data and, just as my friend’s old mobile phone contains his life, the data on end-of-life IT equipment needs to be protected before disposal.
In both cases, my advice is simple. Firstly, as one person to another, the next time you decide to recycle a personal electronic device, make sure you completely and thoroughly reformat it, to protect yourself from scams. Your devices hold your life’s data, so don’t let them fall into the hands of the wrong people.
Now, onto my work life. As one IT professional to another, when decommissioning gear of any kind, my advice is to hand it over to the professionals who know everything about secure disposal. The daily news seems to be filled with companies of all sizes suffering through hardship because of data breaches—damaging customer loyalty, their brand, and their market cap. And, more disturbingly, these companies—including banks, retailers, and more—could have avoided many of these breaches by simply eliminating the possibility of the corporate version of dumpster diving.
With a world driven by information, and with the constant need for security to protect that information, relying on professionals to securely dispose of your data—before securely disposing of your hardware—is of the utmost importance.
And remember, you can recycle your hardware, but you should never, ever recycle your data.