Data breaches are costly. In many cases, they’re also reputation-ending, which can be a fearful prospect to IT equipment lessees. The amount of attention that the media devotes to these sorts of breaches can also stir up a fair bit of anxiety.
It’s understandable that data security is a major concern to many IT equipment lessees. Below, we’ll cover five common questions and what you can do to address them to instill lessees’ confidence in your (and your partner’s) data sanitization processes.
Common IT Equipment Lessee Concerns About Data Security
How do we know that you’re working by the book?
We/our partner meet all of the international standards for data wiping— NIST, Department of Defense 5220.22-M, etc.
It’s essential to be transparent with clients about the standards and regulations that your practices meet, especially when you have outsourced part of the lease lifecycle to a third-party provider. Not only does this show prospective lessees that you’re committed to quality and playing by the rules, but it also offers them peace of mind. If you’re operating in accordance with DOD regulations, it leaves no doubt of the high level of services that you provide.
Standardized procedures are integral to sanitizing data properly. Offer information about software certifications and the results of any forensic auditing you may have carried out to ensure security. Show that you have protocols in place for documenting each portion of the removal and data sanitization process.
What if we’ve got a lot to dispose of?
We can process a high volume of equipment—those capabilities extend to high-volume data destruction.
This answer will prove especially simple when your third-party partner offers those exact services. If you do offer erasure services at your own facilities, make sure that lessees understand how their equipment and data will be protected and destroyed during the process. It’s critical that you’re forthcoming about the steps you take to ensure security. Regulations concerning lab access and environmental controls are essential, as are adequate security and surveillance systems.
What if we aren’t comfortable sending our equipment to you?
We have the capability to conduct on-site data erasure.
Some clients don’t feel secure in surrendering control over their data and equipment—and that’s fine. Rather than battling against these natural instincts, you should offer services that allow data erasure to be conducted on-site for lessees.
Those who desire high levels of control and oversight when it comes to the data sanitization process should have the option to witness the process in their own facilities. You’ll need portable and high-volume processing equipment that meets DOD standards to achieve this level of flexibility, but the freedom to partner with more organizations is oftentimes worth it.
How will I know the data is truly gone?
We offer data erasure validation.
It’s critical that you prove to clients that their data has been securely sanitized. You should provide certificates of data erasure for each processed drive (and certificates of destruction for failed drives). Not only does this offer lessees peace of mind, but it also means you have documentation for your own sake.
Establish a company culture that emphasizes relying on global industry best practices and meeting certifications. These certifications speak directly to your wiping capabilities, adherence to standards, and transparency with clients. Consistency and accountability will carry you far.
What about drives that can’t be easily wiped?
We physically destroy, securely transport, and responsibly recycle any drives that fail our processes.
Prospective lessees are right to be concerned about the data security of drives, which fail to respond to the sanitization process. Offer them some peace of mind by having a rigorous plan in place for what to do with those drives. It’s important that you can explain how and why you carry out the processes you do in response to failed data destruction efforts.
We can help you instill confidence in your lessee prospects.
Contact us to learn more.
Mainstream Global, Inc., headquartered in Lawrence, Mass., owns and operates ISO 9001, 14001, OHSAS 18001 and R2 certified processing centers in the United States, Colombia, Peru, Chile, Argentina, and Brazil. With over 19 years of directly servicing and re-selling assets from top-tier manufacturers, Mainstream Global is the recognized expert. Our partners rely on us for compliance, security, professionalism, and brand protection, all while providing the best returns and prioritizing global environmental standards.
Read more:
Searching for a reverse logistics partner? Then you need to see this video.
IoT generates tons of data. How does it affect product lifecycle management?