Home 9 Blog 9 Do you need an ITAD program
ITAD-program

Typically, IT asset disposal isn’t a burning topic that is top-of-mind for CIOs, yet every CIO must be able to address it when asked to describe their Information Technology Asset Disposal (ITAD) program. The presence of a program signals attention to Data Protection; the lack of a program says “data may be at risk when equipment is recycled.” No CIO wants to encounter the latter; every CIO wishes to be associated with “data protection” though it may be a false-positive if the program does not include an auditable chain of custody/data destruction. 

Can you, the CIO, or the person in charge of your ITAD program, describe how each device provisioned and issued within your company is tracked, how the data on the device is accounted for, and when and how that device is removed from the company’s ecosystem in a way that ensures the data is protected and secured? 

An Identified Threat Vector

The Cyber and Infrastructure Security Agency (CISA), who works with entities to help defend against today’s threats and collaborates to build a more secure and resilient infrastructure for the future, included ITAD as an identified threat vector in its guidance on defending against software supply chain attacks. Every entity needs an ITAD program, and the program must ensure that all devices are wiped clean of any data. The harsh reality is many don’t, and they have no auditable or visual chain of custody involving data and devices, which can lead to severe fines and penalties for your entity.

OceanTech has a strong commitment to the security of our client’s confidential information. During the entire process, we track and catalogue your assets. Once the data destruction has been successfully completed, OceanTech will issue a Certificate of Data Destruction to the client that details to make, model, and serial number of each asset that has been secured, sanitized or destroyed.

ITAD-program-components

Risk Mitigation

OceanTech provides superior expertise in mitigating our client’s risk by eliminating environmental liabilities and ensuring complete data security. Our IT asset disposal procedures follow very strict processes to increase your level of security and lower any potential risk, eliminating the possibility of a security breach.

As the top ITAD company, our process exceeds all local, federal, and international standards and data destruction regulations. We comply with R2 standards for data security, which means that absolutely no data may leave our secure facility without first being overwritten, sanitized or physically destroyed.

At OceanTech, we utilize a patent-pending wiping solution that is consistent in all of our data sanitation and data destruction processes. OceanTech guarantees that sensitive data is non-recoverable. We are extremely confident in our guarantee – we regularly perform Quality Control checks by sending randomly selected equipment to OnTrack for expert recovery attempts and they have yet to recover any data on any device sent by us for testing.

Third-Party or In-House ITAD

The question for a CIO is not, “Do I need an ITAD program?” You do. Not only do you need a program, but your program must ensure it includes 100% of devices that are company-owned, as well as those that are employee/contractor owned (BYOD) and have company/customer data residing on them.

The decision to build an ITAD program in-house or hire outside expertise is unique to each organization, but whichever path is taken, it must be abundant with checks and balances to ensure verifiable integrity of the ITAD process and prevent any device from departing the ecosystem with data on board.

REQUEST A QUOTE

What is secure and compliant ITAD?

What is secure and compliant ITAD?

IT Asset Disposition (ITAD) is a vital part of the IT industry. In order to maintain a competitive edge, organizations need to constantly update their IT devices and equipment. This means they frequently have obsolete or outdated technology on their hands.

Why Proper Data Destruction Matters

Why Proper Data Destruction Matters

The process of Data Destruction is to make sure that whatever data you currently have stored on an electronic device is totally unreadable after the device has been wiped. The goal of data destruction ensures that this data cannot be recovered and used for unauthorized purposes.

IT Asset Management & why it’s important

IT Asset Management & why it’s important

IT asset recycling needs to be properly understood in order to make it easier to introduce to your organization as a “best practice.” IT asset management can be one of the most important parts of an organization’s overall strategy and provides up-to-date information to reduce risks and costs.

Stay informed about latest industry news

Pin It on Pinterest