The Technology Lifecycle: Understanding End-of-Life Equipment Planning22
An Interview with Chief Technology Officer Chad Hayes
Excitement for new technology is palpable—who can deny the allure of new capabilities, faster operation, more powerful processing, and fresh design?
Here at Sadoff, we’d never want to kill the buzz for technological advancement. Rather, our goal is to help evolve the consumer’s mindset regarding the journey of this technology. As the products and equipment advance, so must our collective consideration of what happens to technology after it’s lost its shine and become obsolete.
We’ve gone to “great” lengths to report on the massive accumulation of global electronic waste and the environmental consequences of improper e-waste disposal. Now, we’ve asked our Chief Technology Officer Chad Hayes to use his IT expertise to weigh in on the digital danger posed by e-waste—data insecurity—and how to best handle end-of-life technology.
“All we really want to do is to educate organizations on this,” said Chad. “We’re not here to judge; we’re here to help.”
Part of this education requires context on our understanding of the lifecycle of technology. First, Chad explains how far we’ve come.
The Past: “What is Cybersecurity?”
Chad has enjoyed an extensive career in IT, but knowing what he knows now about cybersecurity, he looks back with horror on the early, completely careless treatment of technology in the past.
“No one ever thought of what to do with end-of-life technology,” said Chad. “IT departments would simply have a closet where they threw old equipment, and when it came time to empty that closet, one of the IT guys would get picked to somehow take that equipment away.”
According to Chad, when companies let equipment sit for long enough, at best they’d give it a cursory wipe of data and attempt to delete its contents. Likelier, though, companies would either forget what data their equipment contained, assume any remaining data was insignificant, or give it to anyone who could take it out of sight and out of mind.
“At that point, companies would think, ‘Well, this equipment’s five years old. If you can get rid of it, you can do whatever you want with it,’” said Chad. “That’s the scariest.”
This willful vulnerability is even more frightening when considering the history of cybersecurity, with the first documented case of internet hacking dating back to 1989.
The Present: Demand for Data Destruction
Our understanding of the lifecycle of technology has fortunately evolved beyond our past recklessness. Calling it a “lifecycle” is itself a positive step, as the consumer’s goal should be a closed-loop system with improved consideration of eliminating threats to cybersecurity. Per Chad, end-of-life is now at least part of companies’ equipment considerations.
“Usually, what IT departments do is refresh 25% of their fleet of laptops at a time,” said Chad. “Then, one of two things will happen: they’ll take the old equipment and ‘domino’ it down to other employees who could still use it, and save a couple of spares for other employees; or they’ll give it to their IT consultant to take care of.”
The latter event is where Chad is most concerned and sees much room for improvement.
“IT consultant companies will come in and say, ‘Hey, you’re doing a refresh—buy the new equipment from us. We’ll take your old stuff and tell you that everything’s being destroyed,’” said Chad, warning, “Well, they can say that, but if they’re not certified to do that and they’re not covered, if a data breach happens the company will be held accountable—not the IT consultant.”
Saving money in the short term is often the primary factor in companies’ unfortunate decisions to forego proper data destruction of end-of-life technology. But how valid is this reasoning?
How Much Does Data Destruction Cost?
While Chad explained that the equipment and labor of data destruction of course come with a cost, this cost is primarily due to one major factor.
“The cost is mostly driven by the liability insurance we carry,” explained Chad. “We carry it to make sure we can protect our customers and ourselves. When we give a certificate of data destruction, we’re putting our name on the line and backing up our customers. We carry that insurance so that we can take on that liability.”
Chad acknowledges this can be difficult for some companies to comprehend, particularly if they don’t read the fine print of “budget-friendly” data destruction service providers. However, the cost of a data breach exceeds the expenses of data destruction, even without considering the loss of future business if and when customers lose trust in a company.
“The last thing you want to do is find out that four months after a refresh one of your hard drives showed up on the black market,” said Chad.
Budgeting for Technology
When technology refreshes can be expected, Chad suggests companies anticipate costs for data destruction.
“Companies should have a budget line item for end-of-life technology. Whether it be for services you need to purchase, personal tools you need to facilitate data destruction, or logistics you need to ship equipment for data destruction, you need to have some money set aside to do it,” said Chad.
He also recommends partnering with a recycler who can help to offset some of the costs of a refresh. Estimates can be provided for any costs recouped from the end-of-life equipment, including that of raw materials, reusable memory, or more. But ultimately, as part of a technology budget, Chad emphasizes end-of-life costs are ultimately a small investment with huge rewards.
“It’s not a lot of money when you look at a whole IT budget, but it is money that you need to set aside,” said Chad.
The Future: Cloud Cybersecurity
Beyond evolving cybersecurity requirements and growing data destruction awareness, Chad is foreseeing some of the biggest changes coming from the equipment itself.
“We’re basically going back to the days of centralized computing or mainframe. Your PCs and laptops are getting smaller and don’t have to be as powerful, because of cloud computing,” explained Chad. “It may be five or 10 years out, but we’ll see companies having employees bringing their own mobile devices to work to be connected to a virtual server.”
Such a transition will bring new challenges, including data destruction for individual devices as well as cybersecurity for end-of-life cloud storage equipment at data centers.
“Right now we’re still at the point where people have large endpoints on their desks, and those have to be destroyed properly,” said Chad. “But in the future, the technology is getting smaller, and your connectivity is changing—the way you access your data.”
Secure Data Destruction Now and Forever
Whatever foreseeable and unforeseeable changes await the tech world, Sadoff will stay at the vanguard of cybersecurity trends and certified data destruction. If you’re looking for an electronics recycling partner to help protect your data through an ever-changing technological landscape, contact Sadoff for a quote today.Tags: cyber security, data destruction, data security, e-waste, electronic data
Categorized in: Data Security