Ten years ago, formalized selection processes for disposal of IT assets were rare and vendor vetting was mostly non-existent. Few questions were asked and most companies were satisfied with any service with the ability to quickly haul away their retired IT equipment.
Gartner released their first “Magic Quadrant for North America Information Technology Asset Disposition” report in 2010. Since then, we have seen ITAD vendor selection processes mature.
Most large organizations today issue a detailed RFP to evaluate ITAD vendor capabilities and strengths. RFP data generally includes information regarding compliance, data security, sustainability and value recovery. It is recommended to not focus on only one capability because you could consequently compromise another (As an example, prioritizing value recovery can compromise data security, compliance and sustainability goals).
Here are questions you can ask about each capability to make a better-informed decision when selecting your ITAD vendor.
[Compliance] How can I ensure compliance when disposing of IT assets?
Over the years final disposition of IT assets and digital data has taken on new significance to corporate officers, risk managers and compliance teams within organizations. IT assets inherently contain hazardous materials and ensuring all is responsibly managed and disposed of is critical to a successful ITAD program.
Industry standards, such as the Responsible Recycling (R2) and WEEELABEX standards, provide baseline assurance in the evaluation process. In recent years, there has been added interest in how the manufacture and disposal of electronics impacts a circular economy evaluation.
Data security requirements for disposing of IT and electronic devices have continued to develop globally.
– HIPAA, GLBA, FACTA and PIPEDA forced industries in the United States to think about controls, accountability, processes and security.
– General Data Protection Regulation (GDPR) went into effect May 2018 and set data protection requirements for European citizens.
– Australia’s Privacy Amendment (Notifiable Data Breaches) Bill 2016 enforced notifications to Australian citizens if their data is inappropriately accessed.
– The California Consumer Privacy Act of 2018 is coming January 1, 2020 and is one that will control how big corporations manage, store and dispose of their client’s data.
As requirements advance, no matter your location global companies need a seamless end-to-end solution that outlines how data will be systematically destroyed with an audit trail. Audit trails show disposition routes, mass balance reporting, and certificates of data destruction and responsible recycling.
[Data Security] How can I ensure all data is protected during IT asset disposition?
A single instance of compromised data can be devastating for a company. Ensuring security of all data bearing assets is important. While no studies exist on the percentage of companies that allow data-bearing IT assets to leave their premises, Sims Recycling Solutions (SRS) estimates 65 percent of clients require data destruction while assets are still in their custody. This percentage has increased significantly in the last three years.
The increase in attention to on-site data destruction services comes as no surprise. It is one of the highest levels of security services on the market. Aside from on-site destruction services and security certifications, it is helpful to understand a company’s security management structure. Internal communications, trainings, assessments, and continuous site analysis will provide more of an indication of the level of attention a vendor is giving to data security on a daily basis.
[Sustainability] How is my ITAD program contributing to a circular economy?
As most companies are starting to incorporate circular and carbon-reduction processes into their business models, IT asset lifecycle will feature as part of the journey. Your ITAD vendor should be able to help you conscientiously reduce waste, reclaim raw materials for remanufacturing, increase reuse levels and incorporate considerations for the entire lifecycle of a product into the design process.
When interviewed recently, SRS CEO Steve Skurnac suggests companies who will make it in the future will be those that “partner effectively with the entire circular supply chain to optimize collections, efficiently process material and find sustainable homes for the recovered commodities.” Working with a single provider can reduce logistics and is often more carbon efficient than multiple suppliers due to having a large global network.
[Value Recovery] How do I manage IT resale/remarketing successfully?
The cost of a secure and responsible ITAD program is seldom budgeted in advance which leads many companies to seek revenue-neutral options. If a company depreciates their assets on their books to zero they also will not hold a value on the books for them, even though they may have value when resold on the second hand. This in some cases can leave an ITAD program to be self-funding or net positive. In order to do this, consider the following:
• Do not delay resale
When it comes to value recovery of IT assets, timing is everything. Moore’s Law is an observation of how quickly technology evolves stating that “processor speeds, or overall processing power for computers will double every two years”. Focus on IT innovation coupled with short refresh cycles are contributing factors in why IT assets can quickly depreciate in value.
• Minimize your risks
When commodity prices are low, there is less financial buffer for vendors to support revenue-neutral programs. In these cases, the chances of a low-cost vendor taking shortcuts increases. Low-cost options could risk inadequate protection from a security breach, environmental disaster such as e-waste dumping, or non-compliance (i.e. not having required documentation in an audit). Value recovery is important but for larger, public companies is a secondary consideration after data security and compliance.
• Understand your vendor’s resale channels and strategies
A vendor who maintains active and varied resale channels (wholesale and retail) is preferred. When reselling IT equipment you earn the best value when you master the five Ps: Price, product, promotion, placement and people. Not all vendors consider resale strategies and understand best practices for maximizing opportunities on various resale channels. This can have a big impact on value recovered for clients. Analytics and pricing software used by vendors can help inform these important decisions.
• Outline each vendor’s chain of custody
Moving IT assets from your facility to an ITAD processing center, and finally to buyers in secondary markets is a cost driver to be considered. Work with a vendor who efficiently manages logistics and is mindful of how these costs will directly impact revenue shared with you, as a client.
It takes a lot of time and effort to manage an IT asset disposition program successfully. For more related information download our white paper with six ITAD tips too important to ignore when creating your program. Learn more.