How to Improve Enterprise Cybersecurity with Responsible E-Waste Disposal
Why your organization must include responsible e-waste disposal as part of a robust enterprise cybersecurity strategy.
The evolving landscape of enterprise cybersecurity needs to take into consideration cybersecurity concerns posed by electronic waste (e-waste) for several reasons. What is the main problem with e-waste? What dangers does it pose to an organization?
Below are some key points highlighting the importance of responsible e-waste disposal as a means to improve enterprise cybersecurity.
What is E-Waste?
Electronic waste (e-waste) is defined by the Environmental Protection Agency (EPA) as “used electronics that are nearing the end of their useful life, and are discarded, donated or given to a recycler.”
This includes everything from personal electronics such as television sets, computers, and cell phones to the countless office electronics used in modern businesses such as laptops, tablets, corporate-owned cell phones, photocopiers, data center infrastructure, and more.
Over half of all US states have laws in place regarding e-waste disposal, ranging from recycling fees for e-waste to bans on e-waste disposal (in Arkansas, Massachusetts, and New Hampshire).
Businesses must remain compliant not only to avoid running afoul of laws passed in various jurisdictions in the US (and worldwide) but also to uphold any commitments they may have towards reducing e-waste and its subsequent effects on the environment.
Why is E-Waste a Problem?
There are many problems caused by e-waste, notably the rapid growth of e-waste worldwide at around 3-4% (about 2.2 million tons) per year. In 2019, the United States ranked second worldwide in e-waste, with about 7 million Metric tons (over 7.7 million US tons) generated out of about 54 million Metric tons (over 59 million US tons) globally.
Not only is the quantity of e-waste growing worldwide as we buy and consume more electronic goods in our daily lives, but businesses are churning through electronic devices on a massive scale.
For businesses operating in the modern digital world, key IT infrastructure is also scaling up to meet the demands of clients and consumers. Data Centre Services, for example, either must continually rotate through hard drives and server infrastructure and upgrade to meet demand or choose to outsource their data centers and consider Data Center Decommissioning, which in itself generates e-waste from all of the used IT assets.
What are the Dangers Posed by Electronic Waste?
The two main dangers posed by e-waste are to the environment and enterprise cybersecurity. For the former, our previous blog entry goes into much greater detail regarding the environmental effects of e-waste. The latter problem is only getting more critical for organizations around the world year after year.
In brief, the effects of e-waste on the environment become evident when electronics are improperly dumped in a landfill. Toxic rare earth minerals and metals such as lead, mercury, cadmium, and beryllium leach into ground soils and pollute water reservoirs, the air, and pose a threat to wildlife. More e-waste being irresponsibly tossed into landfills every year only compounds this problem.
In terms of enterprise cybersecurity, e-waste creates a lucrative opportunity for cybercriminals looking to access sensitive data. One need not be a genius hacker to engage in a ‘frontal assault’ on key IT infrastructure if all of the passwords and data they need can simply be restored from improperly discarded electronics.
According to the Identity Theft Resource Center’s 2021 Annual Data Breach Report, the number of data compromises recorded in the United States in 2021 was 1,862, up over 68% from 2020. The average cost of a data breach in 2021 was $4.24 million, the highest level recorded in 17 years. Data breaches are happening with greater frequency and severity than ever before, and e-waste is a major contributing factor.
Can E-Waste be Hacked?
Computers, laptops, and other media such as USB flash drives should all be secure when in use, but far too often, little regard is given to cybersecurity concerns once these IT assets are discarded.
E-waste can be hacked, and in some cases, sensitive data can be accessed with little effort involved. Consider that as many as 68% of secondhand USB flash drives sold in the US were found in a study from the University of Hertfordshire to contain sensitive data from the previous owners. In most cases, the data was deleted but could be recovered easily or with minimal effort.
Businesses that cycle through dozens, hundreds, or thousands of IT devices must use their due diligence to ensure that all retrievable data on every device is thoroughly and securely destroyed. Services such as Hard Drive Disposal must therefore ensure that secure data destruction renders all sensitive data completely irretrievable.
Sustainable Solutions to the E-Waste Problem
Is it possible to reduce e-waste in the US? Yes, and the problem can be solved sustainably while also bolstering enterprise cybersecurity. It’s a win-win, but how can this be achieved?
The first solution is to reduce e-waste from the source, according to the EPA’s Waste Management Hierarchy. For businesses that require hundreds or thousands of electronics for daily operations, this might not be the most practical solution, although reducing the need for procuring underutilized IT assets is a step in the right direction.
A more practical solution is to work with an ITAD provider that uses a Circular Economy model whereby e-waste generated by a business can be diverted from landfills and instead refurbished, remarketed, or recycled as needed. The end result is little to no e-waste being dumped in a landfill in addition to the peace of mind that all sensitive data is securely destroyed.
Moreover, any IT assets that can be refurbished and resold end up maximizing the ROI on corporate IT assets. It pays to find sustainable solutions to e-waste.
Secure Data Destruction Services for Enterprise Cybersecurity
Enterprise cybersecurity can be looked at from two approaches: improving cybersecurity for IT assets and infrastructure currently in operation, and; mitigating cybersecurity risks from e-waste and used IT assets no longer in operation.
For the latter, ITAD companies can benefit your organization by providing Data Destruction Certificates and a full audit trail so that you can have assurance and accountability for each and every EoL device. It is also important to choose an ITAD partner that provides video evidence of data destruction.
Wisetek offers services such as DataDEAD for full order tracking and chain of custody reporting, as well as VirtuRL for remote ITAD fulfilment and many other services that reduce cybersecurity threats and maintain compliance.
Moreover, ITAD companies should always have multiple Certifications and adhere to the highest industry standards for confidentiality and secure data destruction methods. All of these certifications help organizations maintain compliance and ensure the safety of clients.
Why Responsible E-Waste Disposal is Needed in an Enterprise Cybersecurity Strategy
Many organizations still lag behind when it comes to responsible, secure data disposal. Data destruction in decades past mostly consisted of shredding paper documents. Managers could visibly see the shredded paper and rest assured that identity thieves and criminals could not compromise the security of the data. Out of sight, out of mind. Digital data destruction is not the same.
Not only does e-waste need to be disposed of in a more environmentally-friendly, more sustainable manner than shredded paper, but the data must also be completely and securely destroyed as well. Wiping, deleting, or dragging files into the Recycle Bin are not sufficient means of Data Destruction. Businesses must ensure that the media, in whichever form, is completely wiped of all sensitive data and that it cannot be retrieved.
This important task is best left to an ITAD Company that specializes in secure data destruction and hard drive disposal. But a good IT Asset Disposition needs to provide more than just secure data destruction services.
To maintain your business commitments to environmental stewardship and for Corporate Social Responsibility (CSR), responsible and environmentally-friendly data disposal services are also essential.
That’s why clients should choose Wisetek for ITAD services. Our environmental policy includes a zero-landfill policy that will help your organization remain compliant with regards to e-waste and data disposal laws across the US and globally.
Wisetek: Your ITAD Partner for Secure E-Waste Disposal
We provide all of our services, such as onsite data destruction, hard drive degaussing, and hard drive destruction, across the USA with centers based in New York, Boston, Dallas, Austin, Maryland, Los Angeles, and San Francisco.
You might also be interested in the following articles: