What is ITAD

Secure IT Asset Disposition (ITAD) involves the safe and responsible disposal of IT hardware, ensuring that all sensitive data is thoroughly sanitised or destroyed through professional data eradication techniques such as Erasure of Destruction.

ITAD goes beyond merely discarding end-of-life IT assets, it embraces the principles of data governance related to precisely how hardware is retired, aligned to recommended Standards and Industry Best Practice.

Further, Professional ITAD companies also have a responsibility to ensure the safe and environmentally friendly disposal of all assets.

Get in touch

What is IT Asset Disposition (ITAD)?

IT Asset Disposition (ITAD) refers to the strategic approach to managing and disposing of decommissioned, obsolete, or unwanted IT equipment, Data Center assets such as Servers, Storage and Networking equipment and also End User Compute assets such as Laptops, Desktops and Phones. This process encompasses several critical activities, including data destruction, recycling, remarketing, and ensuring compliance with regulatory requirements. The primary goal of ITAD is to mitigate risks associated with data breaches, recover value from retired assets, and minimize the environmental impact of electronic waste.

ITAD at a Glance

  • Ensuring Data destruction method is aligned to the importance of the information
  • Applying the most appropriate destruction techniques – Erasure or Physical Destruction
  • Compliance with Regulations and Environmental rules
  • Re-using assets where possible
  • Reducing E-Waste, minimising landfill requirements
  • Obtaining value through remarketing

 

Key Components of ITAD

  1. Data Destruction: One of the most crucial aspects of ITAD is ensuring that all data stored on decommissioned devices is securely erased. This can be achieved through methods such as degaussing, shredding, or software-based data wiping. Secure data destruction is essential to prevent data breaches and protect sensitive information.
  2. Recycling: Proper recycling of IT assets helps in reducing electronic waste and recovering valuable materials. Recycling ensures that hazardous components are disposed of responsibly, minimizing environmental harm.
  3. Remarketing: Some IT assets may still hold value even after they are no longer needed by the organization. Remarketing involves refurbishing and reselling these assets, which can help recoup some of the initial investment and extend the lifecycle of the equipment.
  4. Compliance: Adhering to regulatory requirements is a critical component of ITAD. Different industries have specific regulations governing the disposal of IT assets, such as HIPAA for healthcare and GDPR for European data. Compliance ensures that organizations avoid hefty fines and legal repercussions.

Why is ITAD Important?

The importance of ITAD in managing end-of-life IT assets cannot be overstated. Here are several reasons why ITAD is crucial for businesses:

  1. Data Security

Data breaches can have severe consequences for businesses, including financial losses, reputational damage, and legal liabilities. ITAD ensures that all data stored on retired IT assets is securely destroyed, preventing unauthorized access and safeguarding sensitive information. By implementing robust data destruction practices, organizations can mitigate the risk of data breaches and protect their customers’ trust.

  1. Regulatory Compliance

Compliance with regulatory requirements is essential for businesses operating in various industries. Regulations such as GDPR, HIPAA, and others mandate specific protocols for data protection and disposal.

  1. Environmental Responsibility

Electronic waste, or e-waste, poses a significant environmental challenge. Improper disposal of IT assets can lead to the release of hazardous materials into the environment, causing pollution and health risks. ITAD promotes environmentally responsible practices by ensuring that IT assets are recycled and disposed of in an eco-friendly manner. This helps reduce the environmental footprint of businesses and contributes to sustainability efforts.

  1. Value Recovery

Even after IT assets have reached the end of their useful life within an organization, they may still hold value. Through remarketing and resale, businesses can recover some of the initial investment made in IT equipment. This not only provides a financial benefit but also extends the lifecycle of the assets, reducing the need for new resources2.

  1. Risk Management

Effective ITAD practices help in managing risks associated with the disposal of IT assets. By ensuring secure data destruction, compliance with regulations, and environmentally responsible disposal, businesses can mitigate potential risks and liabilities. This proactive approach to risk management enhances the overall security and reputation of the organization.

Best Practices for ITAD

To maximise the benefits of ITAD, businesses should follow best practices in managing the end-of-life of IT assets:

  1. Conduct a Thorough Inventory: Start by conducting a comprehensive inventory of all IT assets scheduled for disposal. This includes documenting the condition, age, and functionality of each asset.
  2. Choose a Certified ITAD Provider: Partner with a reputable and certified ITAD service provider. Look for providers with expertise in secure data destruction, environmental responsibility, and compliance with industry standards. Secure ITAD meets and exceeds all of these requirements.
  3. Implement Secure Data Destruction: Ensure that all data stored on IT assets is securely erased using industry-standard methods. This includes Data Wiping/Erasure, Degaussing, or Physical Destruction.
  4. Maintain Detailed Records: Keep detailed records of all disposed assets, including serial numbers, disposal methods, and certification of data erasure. A good ITAD company will be able to provide detailed documentation and Certificates of Destruction at the end of processing.
  5. Promote Environmental Responsibility: Choose disposal methods that prioritise recycling and minimise environmental impact. This includes working with ITAD providers who adhere to environmentally responsible practices.

These regulations play a crucial role in safeguarding individuals’ privacy rights and ensuring responsible data handling across borders.

IT Asset Disposition (ITAD) is a critical process for businesses to manage the end-of-life of IT equipment. By ensuring data security, regulatory compliance, value recovery, and environmental responsibility, ITAD plays a vital role in the overall IT asset management strategy. Implementing best practices in ITAD not only protects sensitive information and mitigates risks but also contributes to sustainability efforts and enhances the financial performance of the organization. As technology continues to evolve, the importance of ITAD in managing IT assets will only grow, making it an indispensable aspect of modern business operations.

Got question or need some help with your IT Asset Disposal?

Get in touch with us today and let our team of qualified professionals take the stress and strain out of secure IT disposal
Get in touch

Frequently asked questions about ITAD

Why should I use a Professional ITAD company?

Your information is your company’s most important asset. Data Breaches are financially costly and can severely damage an organisation’s reputation overnight. Proper handling of Data Bearing devices mitigates against breaches.

Ask them about their processes. How do they handle the assets? Do they transport the devices in Secure vehicles with tracking? Do they register all the assets before they are processed? Do they provide Certificates or reports at the end of processing? Are they ISO Certified? Do they have a WEEE carrier license? What happens to the E-Waste downstream? If any of these questions cannot be answered, this should raise a big red flag!

Possibly. This will depend on the assets and the market at the time of sale. See our Remarketing page for more information.

This new DIN Standard, developed by the Deutsche Industrial Norm (DIN) sets out new responsibilities regarding the Protective Security required for Commercial Organisations, Government Departments, and Individuals to help make an informed choice of the correct equipment to guarantee all levels of Secure Destruction.

The new DIN 66399 Standard has now been expanded from just 5 security levels to now include advice on the level of protection required for all types of Media and 3 protection categories:

Three Protection Categories:

  • Class 1 is for the Normal Protection required for Internal Data where disclosure would have a negative impact on a Company or a risk of Identity Theft of an Individual.
  • Class 2 is for the Higher Protection for Confidential Data where disclosure would have a considerably negative effect or could breach legal obligations of a Company or offer a risk of adverse social or financial standing of an individual.
  • Class 3 Is for Very High Protection for Confidential and Top-Secret Data which if disclosed could have terminal consequences for a Company or Government Entity, and have a health and safety or personal freedom risk to individuals.

The destruction of media is classified into 6 categories, each available in 7 different security levels. The shredding of paper is category P with the higher the security required the higher the number. Level P-1 is the lowest security for general documents & advertising whereas P-7 is for the highest security data usually for the Military & Security services.

Six Media Categories:

  • P: Paper Based Products
  • F: Film Based Products including Micro-film, Microfiche, and Slides etc.
  • O: Optical Media including CD’s, DVD’s and Blu-ray Disks etc.
  • T: Magnetic Data Media like Floppy Discs, ID Cards, Magnetic Tapes, and Cassettes etc.
  • H: Hard Drives from Computers, Laptops, and External Devices
  • E: Electronic Data Media like Memory Sticks, Cards with a Magnetic Chip, Solid State Drives (SSDs) and Mobile Phones

Seven Specific Security Levels:

  • P-1 – 12mm Strips or maximum Particle surface area of 2,000 mm² – suitable for general documents such as advertising materials.
  • P-2 – 6mm Strips or maximum Particle surface area of 800 mm² – suitable for internal documents such as company communications, instructions, travel guidance, notices and forms.
  • P-3 – 2mm Strips or maximum Particle surface area of 320 mm² – suitable for sensitive and confidential data, as well as personal data such as company sales reports, tax documents and documents with private address data.
  • P-4 – Maximum Cross Cut Particle surface area 160mm² with a maximum strip width of 6mm = 6x25mm – suitable for sensitive and confidential data, as well as personal data such as payslips, personal data/files, contracts, medical reports and tax documents.
  • P-5 – Maximum Cross Cut Particle surface area 30mm² with a maximum strip width of 2mm = 2x15mm – suitable for data containing confidential information with fundamental importance for a person, company or institution, such as patents, construction documents, strategic papers, competitor analysis and process documentation.
  • P-6 – Maximum Cross Cut Particle surface area 10mm² with a maximum strip width of 1mm = 1x10mm – suitable for confidential documentation requiring extraordinary security precautions such as research and development documents, official areas
  • P-7 – Maximum Cross Cut Particle surface area 5mm² with a maximum strip width of 1mm = 1x5mm – suitable for strictly confidential data with the highest security precautions such as secret service or military sectors.

*P = Paper Media Requirements

Maximum Shred Sizes for Other Media

Class Optical Max Media Max Magnetic Max Electronic Max
Class 1 O-1 2000mm2 T-1 Inoperable H-1 Inoperable E-1 Inoperable
O-2 800mm2 T-2 Split H-2 Damaged E-2 Split
O-3 160mm2 T-3 2000mm2 H-3 Deformed E-3 160mm2
Class 2 O-4 30mm2 T-4 320mm2 H-4 2000mm2 E-4 30mm2
O-5 10mm2 T-5 160mm2 H-5 320mm2 E-5 10mm2
Class 3 O-6 5mm2 T-6 10mm2 H-6 160mm2 E-6 1mm2
O-7 0.2mm2 T-7 2.5mm2 H-7 10mm2 E-7 0.5mm2

What our clients are saying

“Secure ITAD always provide us with an efficent and professional service! We have been using their services for over 5 years now and will continue to doing so. We have even recommended them to a few of our clients“

Company Director, NCB Digital Morecambe

“Secure ITAD represent great value for money and deliver projects on time and within budget. I do not hesitate recommending them to all of our clients for shredding and disposal services”

Service Manager, London based Data Centre

“Since using Secure ITAD, we have had no issues whatsoever. They are very friendly and accommodating, either collecting outside of term time or after hours”

IT Technical Manager, School in South Essex