How SPVM Leaders Can Select the Right ITAD Partner

Understanding ITAD Service Categories

A major concern of SPVM leaders handling IT assets is balancing speed and managing risks right from sourcing the equipment to their management when they reach their end-of-life. For creating ITAD (IT Asset Disposition) strategies or selecting an ITAD partner, the leaders should consider funds, risk tolerance, and sustainability goals. These factors will help in figuring out the services required from the ITAD service provider.

ITADs offer services that mainly fall in three major categories: core disposition services, secondary hardware services, and ancillary lifecycle services. These wide ranges of services include data center decommissioning, media sanitization, recycling and refurbishing, reselling, component recovery, and donation arrangement.

ITAD service providers can support SPVM leaders in safeguarding their organization's data and disposing of their IT assets in an appropriate way. ITAD partners must follow industry recognized standards like ISO 27001 and NIST SP 800-88 for data sanitization, R2V3 and e-Stewards to commit to their environmental responsibility, and comply with local & international regulations governing data security.

1. Secure IT Asset Handling & Asset Tracking

To handle IT assets securely, ITAD service providers must ensure prevention from unauthorized access, loss, or theft of IT assets. The right ITAD will provide a strong and real-time asset tracking system that includes transportation equipped with cameras, supervision of skilled technicians who have passed background verification, and the use of ERP software to record the inflow and outflow of IT assets. ITADs must maintain a secure chain of custody documents to give trust and confidence to the organizations they are providing services to.

SPVM teams should ensure that the ITADs take the responsibility of the security of all IT assets from the stage of collection to disposal with documentation for each device. Data destruction records and certificates can be put into ERP software to ensure a central storage place is maintained. Software like D-Secure is integrated with ERPs used by ITADs like MakorERP and Razor ERP. Further, an API is available to fetch records into any other ERP used by the ITAD.

2. Compliance-Verified Media Sanitization

Organizations' procurement teams should choose an ITAD that provides media sanitization services to handle their need for performing onsite, offsite, and remote data destruction services. The organizations having no worries regarding offsite data sanitization can encrypt their data-bearing IT assets before sending them to an ITAD.

The leaders must ensure that chosen ITADs use compliance-verified data erasure software like D-Secure to destroy data permanently even from hidden disk zones (HPAs and DCOs). Likewise, when the IT assets contain classified information, the ITAD should have the ability to destroy the device using shredding or degaussing techniques. Organizations can choose some of the large ITADs across the globe from here.

3. Responsible Recycling

According to the Deloitte 2024 CxO Sustainability Report, 69% of organizations require suppliers and business partners to meet certain sustainability criteria. Organizations like Google and Infosys have been committed to removing their waste completely by following a zero waste to landfill policy.

Not only can businesses implement such policies to reach their ESG goals company-wide but also select an ITAD partner that takes on IT disposal in an environmentally sustainable way. Certification bodies like e-Stewards, SERI, and NAID ensure that ITADs certified by them perform recycling carefully and responsibly. By pulling out reusable components and securely managing waste, certified ITADs prevent valuable materials from being wasted.

4. Value Asset Recovery

The salvageable IT assets can be resold after getting repaired and refurbished. ITADs that provide remarketing and resale value help organizations get some income from the used IT assets. The financial models namely fair market value and transparent consignment help businesses get a money amount for these IT assets:

The value of the IT assets depends on the age, condition, and type of the IT assets.

5. Compliance with Regulatory Standards

The most important aspect for an ITAD company is to comply with the regulatory standards. Laws like the EU-GDPR, HIPAA, CCPA, and the US data privacy act, etc., require secure data disposal practices. Moreover, data protection and environmental sustainability regulation authorities can take legal action for breach of data or irresponsible disposal of IT assets against the violating organization which includes penalties, criminal proceedings, and imprisonment.

6. Service Flexibility & Global Reach

For an organization operating at a global scale, the sourcing team must consider ITAD's reach at multiple locations where assets need to be disposed of or destroyed. Service flexibility and global reach are critical aspects for consideration for organizations operating across multiple locations.

An ideal ITAD like SIMS Lifecycle Services or Iron Mountain offers global coverage with region-specific compliance and scalable ITAD services to meet business requirements. These ITADs may partner with downstream vendors to provide services in regions where they do not have an ITAD facility. These downstream vendors are governed by contractual terms on similar lines as in the case of mainstream ITADs.

7. Other Social Aspects

Hiring an ITAD that provides redeployment and charitable donation services which include packaging, data sanitization, shipping and value determination can help businesses promote reuse for a noble cause like bridging the digital divide. Secure data erasure and repair of IT assets extend their lifespans, ensuring they are not discarded prematurely.