Blog

Five Best Practices to Ensure Fully Secure Decommissioning

Ensure Fully Secure Decommissioning—and Uncover Hidden Revenue

It is imperative that data center operators take advantage of every resource available to them when wiping data completely from all solid-state drives (SSDs) and hard disk drives (HDDs) when they have reached the end of their working life. Data centers must ensure fully secure decommissioning takes place because data breaches cause immeasurable damage to brand reputation, as well as potential legal and regulatory penalties and fines.

Not only can data centers benefit from third-party decommissioning services that guarantee the elimination of data-exposure risk but they can also uncover hidden revenue through hardware decommissioning and remarketing.

A comprehensive decommissioning service will:

  • Wipe all data and sanitize all hardware
  • Provide a complete chain of custody by tracking assets
  • Identify which drives can’t be wiped and mark them for on-site destruction
  • Customize logistics to ensure maximum efficiency and effectiveness of the decommissioning process
  • Maximize hardware value and increase sustainability by creating new markets and expanding existing ones

Five best practices for secure decommissioning with reduced TCO

In greater detail, here are the five ways that a data center can ensure it achieves fully secure decommissioning while untapping extra revenue through the significant value recovery of assets and by reducing total cost of ownership (TCO).

    1. Use a data sanitization platform with agent-based architecture that makes it possible to wipe an unlimited number of drives at the same time. From the smallest edge computing site to the largest data center, this option will offer unlimited scalability.
    2. Place a strong emphasis on rigorous asset tracking, documenting every step of a serialized asset’s journey, from wiping to final disposition (including shredding or remanufacturing of wiped assets for resale). Having a fully traceable chain of custody for each serialized asset will ensure compliance with all regulatory standards.
    3. Eliminate the risk of shipping drives with data on them by wiping them on-site beyond forensic recovery. It is essential that no shred of data is readable or recoverable on any wiped drive and the best way of ensuring this is to use sanitization software that passes Test Level 2 of the Asset Disposal and Information Security Alliance (ADISA) Threat Matrix.
    4. Ensure disruption is kept to an absolute minimum by using the most efficient logistics that are customized to your specific needs. This means decommissioning should begin with a complete audit of your equipment, your site and your goals, and every asset should be tracked every step of the way. The decommissioning process you use should include wiping, de-installation, collection and removal before on-site or off-site shredding, and any other certified disposition of assets according to your unique requirements. Complete wiping of all hardware should be carried out in one to two days, with data wiped from more than 98 percent of drives and the rest securely and efficiently shredded. Assets that need to be shredded, recycled or recertified should be shipped securely using sealed loads and GPS tracking so their location is known at all times. However, many assets there are, the entire decommissioning process should be completed within five to seven days.
    5. In terms of revenue, it’s important to maximize the lifetime IT hardware value across the data center. To achieve this, the organization providing the service should manage all your hardware decommissioning needs holistically while optimizing the TCO of those assets to achieve significant value recovery. Also, decommissioned assets should be put through a thorough reconditioning process. This will include a detailed evaluation of hardware performance, the completion of any necessary cosmetic upgrades and the secure packaging of the hardware into a retail-grade final product. Last but not least, it is important that your decommissioning partner is able to access new markets by leveraging global relationships and seamlessly managing the remarketing of equipment across a wide range of secondary market ecosystems.

By following these steps, data center operators can not only eliminate the risk of data-exposure and avoid costly data breaches but they can also unveil valuable—yet hitherto hidden—sources of revenue.

For further information on how to ensure fully secure data center hardware decommissioning, download our Secure Data Sanitization Best Practices Report.