Rethinking Data Destruction: Best Practices for Secure Hardware Disposal

January 30, 2024
Anthony Serina

Having spent 10+ years in the hardware recycling industry, I’ve seen firsthand how the best organizations in the world keep data secure at the end of the hardware lifecycle. In this blog post, I’ll share what I’ve learned: best practices for hardware disposal, how data destruction has evolved over the years, and why organizations must adapt their end-of-life IT asset management strategy to become more secure, efficient, and sustainable. 

With data breaches becoming increasingly common, protecting sensitive data is now more important than ever. 

In this blog post, we’ll explore how to keep data safe during hardware disposal — sharing modern-day best practices for data sanitization, hardware disposal, asset management, and more.

Data sanitization and destruction: past and present

When a device is ready to be disposed of, data destruction is critical for protecting sensitive information and minimizing risks of data leaks. But data destruction and sanitization methods have evolved over the years, reflecting changes in technology and environmental concerns. 

The traditional method of data destruction

A decade ago, physically destroying hard drives on-site was a standard procedure to prevent data theft. At the time, computers were modular, and hard drives were unencrypted and could easily be removed. This posed a very real risk of sensitive data being accessed by unauthorized individuals. Additionally, the risk of transporting unencrypted devices led to a preference for on-site shredding, due to concerns that a lost device during transport could lead to a data breach. 

For many forms of hardware — though not all — the traditional method of physical destruction has fallen out of favor. Other methods are equally secure, while also being more environmentally friendly and cost effective. 

On-site vs. off-site destruction

Physical destruction can happen two ways: on- and off-site. On-site shredding requires an e-waste partner to visit a client’s office and shred hardware, typically in the client’s loading dock. This approach, however, carries several risks and drawbacks.

With the shift from desktops to laptops as the primary form of deployed hardware, especially post-Covid, laptops pose unique challenges to destroy. Hard drives are now permanently soldered onto motherboards, making their removal or destruction challenging. Additionally, the batteries in laptops are often glued in, making their removal extremely difficult. In many cases, accessing the motherboard requires removing the battery, adding another layer of complexity to the process. 

Following NIST 800-88 guidelines, which mandate either a destructive rewrite process or physical destruction, remains essential. A decade ago, compliance often meant on-site shredding. This solution was practical given the types of machines in use and how easy it was to remove a hard drive from a desktop computer. However, with the shift to laptops as the primary data-bearing asset and evolving hardware designs, this method is no longer as effective.

Additionally, it’s recommended that an IT professional from the client’s side supervise the shredding process — a time-consuming task that detracts from their ability to work on critical tasks. On-site shredding services are not only costly and time intensive, but also generate metal dust, which poses significant health risks when inhaled.

In contrast, most hardware that requires destruction can be done off-site at the vendor’s facility, eliminating the need for complex and resource-intensive on-site procedures. The hard drive shredders at off-site facilities are typically more powerful than mobile shredders, resulting in a more efficient destruction process. This efficiency not only saves time, but also alleviates the need for IT personnel to be present during the shredding and reduces costs, streamlining the overall procedure.

The new approach to data destruction

For modern companies that were built in the cloud, there is generally little need to physically destroy devices, with the exception of specific scenarios (for example, broken devices beyond repair or failed hard drives). 

With the ability to lock computers via MDM, robust data encryption, and fortified endpoint security, breaking into today’s laptops is virtually impossible. This holds especially true for mobile devices like phones and tablets, which are notably challenging to destroy. All of these factors have compounded the complexity of physical destruction, whether it’s done on- or offsite. Moreover, it also makes the process more expensive, despite its growing obsolescence. 

Historically, desktop computers were not disposed of until their data was destroyed, due to concerns about data breaches throughout the supply chain. While software-based data wiping was always an option, removing and shredding the hard drives was often faster and simpler. Today, this is no longer the case. Modern hard drives, which are securely locked, can be easily transported with significantly less risk. For example, in a workforce with remote or hybrid employees, the standard procedure of shipping back a laptop upon an employee’s departure is both secure and efficient. The laptop, which has substantial data on it, is shipped back with minimal risk. 

Today, data destruction is primarily done through software. Hardware recycling vendors use world-class data erasure software that guarantees the secure and permanent removal of sensitive data. The software issues individual Certificates of Destruction (CODs) per data-bearing asset, proving that data has been disposed of (provided that it was successfully wiped). If a device is unable to be wiped, it will undergo physical destruction. However, the proportion of devices requiring this measure is steadily decreasing. It’s worth noting that wiped computers often result in higher earnings than destroyed ones. In most cases, the destruction process ends up incurring service charges for customers.  

To further safeguard data, a reputable recycling vendor’s data sanitization should meet or exceed the standards set forth by both NIST 800-88 and the Department of Defense. Additionally, their processes should be independently audited by a third party, verifying that they’re following the processes they built. They should be certified in ISO 9001, ISO 14001, and ISO 45001 — the industry standards for third-party auditing. 

Best practices for secure hardware disposal

To ensure data security throughout the hardware disposal process, here are some best practices: 

  • Wipe all data-bearing devices before you give them to a recycling vendor. You have the option to use an MDM or do it manually, though the latter approach is less efficient. Although your vendor will conduct their own data wiping process, doing it yourself provides an extra layer of insurance. 
  • Keep applicable devices enrolled in your MDM program — do not remove it from Apple DEP, Jamf, Microsoft Intune, etc. Wait for the vendor to send you an initial serialized report of received assets before removing them from the MDM. 
  • For seamless hardware disposal, make sure all hard drives are encrypted and that your username and password-protected devices are controlled via MDM.  
  • Prepare a list of all assets being given to the recycling vendor. This can be generated from your ITAM tool by filtering by the designated status for retired devices. Include non data-bearing end-of-life assets as well. 
  • If an ITAM system isn’t in place, you have the option to manually compile a list of assets with serial numbers, model numbers, and makes, since your assets are still enrolled in your MDM with encrypted hard drives. However, it’s worth considering the necessity of this task for fully depreciated, locked down assets. Creating a detailed list is beneficial if you’re required to track data-bearing assets like servers or laptops for security purposes. Alternatively, another method would be to photograph your assets and perform a hard count of each device, which can then be reconciled against the final report from the vendor. 
  • Create a procedure for managing broken devices. This policy should involve sending damaged devices to a designated repair partner. Once there, assess the repair costs to determine whether to fix the device or designate it as end of life. These devices are important because many of them are data-bearing machines that do not boot, and data cannot be wiped from them. 
  • Retrieve all devices from any existing employees. Having full control over hardware lifecycle management is an integral part of data security, and getting remote laptops back is becoming increasingly more difficult.

Traditional vs. modern approaches to end of life & IT lifecycle management 

Over the past decade, end-of-life processes have evolved significantly. Modern IT lifecycle management marks a shift toward more efficient, sustainable, and technology-driven practices. This transformation represents a more cost-effective and data-secure way of handling IT assets, aligning with modern business needs and environmental sustainability.  

 

Traditional IT lifecycle management

Modern IT lifecycle management

Way of Working

Work Model

Work in office with desktop computers; on-prem environment 

Work remote/hybrid using laptops; cloud environment 

Asset Management

Hardware Refresh Cycles

Adhoc, however long the machine lasts

Standard refresh cycles, managed by ITAM (e.g., 3-year cycle for laptops)

Procedure for Refresh Cycles

Adhoc, with major refresh of devices over 5 years

Automatically create workflow tickets in ITSM to ensure all stakeholders can ensure old devices designed for EOL are replaced

Device Retrieval from Remote Employees

Manually ask remote employees for address and ship them a FedEx / UPS box

Automate retrieval process via API with third-party vendor

Enrollment Programs

None

Apple DEP, Windows Autopilot

Integrations

None

Integrations between ITAM, ITSM, and MDM and ITSM 

EOL Management Method

Manually done via Excel spreadsheet, email 

Automated via API in SaaS apps

Asset List

Create physical list of assets in IT closet

Use ITAM or MDM with EOL built into each device

Asset Status

Not changed in ITAM

Continually updated in ITAM 

Asset Organization

Unused assets sit in pile in IT closet

Assets placed on designated shelf in secure or locked IT closet and tagged in ITAM tool (e.g., L1 shelf)  

Asset Pickup

Scheduling 

Cumbersome manual scheduling process; pickup time not known until day of

Schedule pickup time window directly in app; receive updates throughout the day

Packaging

Customer packs up all hardware

Vendor packs up all hardware with white-glove service

Asset Disposition

Approach to Outdated Hardware

Destroy and recycle

Reuse and repurpose 

Commitment to Sustainability

None. Put hardware into landfills

Keep hardware out of landfills. Provide affordable computer access to people in need 

Parting Out Components

Sell components as-is or recycle / wholesale them

Use components to rebuild new computers and resell as last resort

Hard Drives

Remove from computer and physically destroy on site. HD is unprotected

Wipe data via sanitization process on encrypted HD 

Asset Wiping

None or manual

Wipe with MDM

Reporting

Reporting

Customer waits 30-60 days for final report and another 90 days for resale report

Customer receives internal report within 48 hours of pickup with models, makes, and serials; receives final report 2 weeks later with conditions and buyback amount

Business Model

Business Model

Revenue Share: Traditional vendor shares revenue percentage only once assets are resold. Charges service fees. Little visibility into which assets can be resold. Customer waits months for outcome of resale to determine net amount (either owed or earned)

Direct Buyback: Hardware lifecycle management vendor directly buys assets from customer. Pickup and service fees typically waived (if there is a cost, it can be deducted from funds from previous pickups). Leverages big data to determine resale value of assets. Customer receives guaranteed buyback quote upfront, eliminating any unpredictability

Selling Strategy

Transactional. Every pickup is a one-off

Relational. Dedicated account manager guides you through process and builds long-term relationship with repeated pickups

Profitability

Fee-based recycling results in high costs for customer

Net-positive program results in customer earning funds

Payment Timing

Payment issued after resale (usually 120 days post-pickup) 

Payment wired right away (without waiting for resale). Customer can either keep funds or donate it to a non-profit, directly in app

Today, organizations must adapt to protect sensitive information. Effective data destruction, efficient tracking, secure hardware disposal, and choosing the right recycling partner are all critical steps to mitigate risks and ensure compliance.

Latest from Revivn