Plan it Perfectly: How to Make an IT Asset Disposition Plan
Did you know that in 2013/14 a data breach at Yahoo revealed over 500 million personal records? Data breaches are a hot topic in business today. Businesses have to consider how they use data and how they protect it from prying eyes.
Normal security measures may be enough to protect private data on a day to day basis. However, when it comes to IT asset disposition further measures are needed.
Simple disposal of tech and its memory is no longer enough as governmental laws have come into play. Compliance with the latest iteration of these laws is vital. Litigation may never be proposed. However, authorities can audit a company. This could result in government penalties for non-compliance.
How can you ensure that your asset disposition goes smoothly? Check out our in-depth article to find out.
Document Every Step
Your disposal plan may be compliant with federal and national law. However, authorities will want to see that you exercised due diligence every step of the way. This includes thorough documentation.
Documentation is vital as it shows that your company takes compliance seriously. Further good documentation protects and even builds your company’s reputation.
A solid documentation policy would include a certificate of data destruction. This provides proof regarding which processes were followed and how data was destroyed.
Define Who will Dispose of Equipment
Hiring a company that can manage the disposition of your specific equipment is very important. The vendor should be able to provide you with a Written Statement of Work (SOW). This will detail their plan for asset disposition.
This also shows that the vendor has a planned workflow and will dispose of your IT assets in a trustworthy and even repeatable manner.
Many companies have office locations across the globe. The asset disposition company may even be able to provide SOW documentation for each location.
Once procedures have been established and documented, accountability should be agreed upon. This should include not only responsible for the protection of data, but also for the environmental impact of the disposition.
In this case, your vendor should be completely transparent about each stage of the disposition process. Workflows should be well defined. The should include timelines for each IT asset and indicate when responsibility for each IT asset will be transferred.
In some cases, companies can provide almost realtime tracking of devices via an online portal. A company can enter the vendor’s website and input the serial number of the device. From there, they can see what stage of disposition it is at.
Whether the hardware is destroyed or simply cleaned of data and resold, certification should be provided by the vendor to the company.
Compliant IT Asset Disposition
Upgrading your IT hardware can be a traumatic time. However, data breaches can be devastating for a company. It is important to take the time to protect yourself against then now. Particularly in a large company, this can be a real challenge.
If you are interested in transparent asset disposal for your company, we are here to help. We leverage our years of experience to provide a fully compliant IT asset disposition service.
If you would like to see what we can do for you, why not follow our blog or contact us.