5 Ways to Avoid the E-waste Privacy Threat

With millions of data records stolen from companies every single day, 22 per second according to experts, it’s dramatically critical that companies pay attention to cyber security and data privacy. With equally millions of electronic devices disposed annually, it’s also crucial that businesses take note of the e-waste crisis and find ways to prevent its escalation. 

It should be made absolutely clear that there are privacy threats even after a device is disposed and becomes e-waste. These threats are slowly but surely coming to light as more and more companies begin to realize that e-waste is not just a landfill problem. It can be a data breach problem if not properly managed and safeguarded.

The e-waste privacy threat is also causing companies to realize that properly discarding IT assets means more than basic compliance with state and federal regulations concerning e-waste collection. It means teaming up with responsible and diligent recyclers and fostering sound data security methods to avoid e-waste privacy threats.

Can it be safely said that e-waste recycling leads to data breaches? Not at all. Many recyclers take extra precautions to prevent such disasters and stake their reputations on their data security methods. Essentially, companies should definitely discard devices responsibly by sending end-of-life IT assets to a reputable recycler. 

However, this does not mean that the risk of a post e-waste collection data breach is non-existent. When proper data security management steps are neglected, these breaches can spell disaster. Breaches can occur whenever a portable or stationary electronic device is lost, discarded or stolen at any time after collection for recycling or while being stored for subsequent recycling.

Since the frequency of privacy breaches make cybersecurity a top priority, it’s important that companies factor in the risks of privacy threats even after IT assets are discarded. Each breach can be extremely costly and detrimental to future business. For instance, a 2015 NetDiligence study estimated that data breaches can cost companies an estimated $1000 per record breach. 

You know that discarding your end-of-life IT assets and other electronic devices can be a huge cyber security threat, but what can you do about it? Privacy threats definitely should not keep you from recycling, especially when there are ways to prevent them. The following is a brief collection of just a few wise steps to take to avoid the e-waste privacy threat.

One of the best ways to avoid the threat of privacy losses during the e-waste recycling process is to partner with a reputable certified recycler. Certified recyclers with a proven track record of sustainable recycling methods are likely to have certain processes in place to ensure that your data is safe and secure from the time it’s collected until the time it’s shredded and discarded.

Some industries are prone to data breaches and privacy threats. For instance, in the healthcare industry, a total of 253 health data breaches affected hundreds of patients in 2015. These breaches have put many companies in violation of special laws meant to ensure they don’t occur. Laws like HIPAA are the main sources of breach-defining (and prohibitory) language for companies handling sensitive information.

When laws like these are ignored or are violated completely, the privacy risks escalate. Even with end-of-life electronics headed for the recycling center, sensitive information is still sensitive, and laws and regulations governing the storage and transfer of such information must be given top priority.

This means having a data wiping policy firmly in place. Without it, the costs of unexpected data breaches – those occurring after a device is tossed – can be just as extensive as data breaches that occur when devices are online.

Encryption seems to be the protective procedure of choice for many companies, but even without encryption, companies must still ensure that data is carefully kept safe. Certain scanning technologies can help to identify vulnerabilities in your system or network. Keeping an up-to-date anti-virus software in place along with a strong firewall can help protect data while connected to the Internet, and before sending your electronics off for recycling be sure to use efficient and effective data wiping software.

Following up with the recycler handling the data wiping or temporary storage of your electronic devices is key. Many recyclers carry an an optional guarantee of data destruction in the form of official certificates. At least one other recycler takes its guarantee of data destruction a step further with video surveillance of the entire data destruction process.

Having a carefully considered incidence plan in place for responding quickly and effectively to privacy breaches is essential. Make sure that all managers and supervisors are trained in the response process. It’s also important to ensure that all company leadership is well-informed of the process for shredding and removing sensitive data from hard drives and other information storage equipment.

When a company’s privacy is compromised, the damage can be extensive and severe. The fallout from privacy breaches can be costly, and recovery can take years. However, companies don’t have to succumb to the risks, nor should they avoid recycling because of it. Take steps today to ensure that privacy threats are avoided before and after your devices reach the end of their life span.