Enterprises are physically destroying IT equipment and unnecessarily sending it to landfill due to outdated security policies and a lack of education, with many believing it is actually “better for the environment”, according to data sanitisation firm Blancco.
In January 2019, the World Economic Forum and the United Nations E-waste Coalition found that approximately 50 million tonnes of electronic waste, or e-waste, are produced each year – most of which is either incinerated or dumped in the landfills of the world’s poorest countries.
A research study released by Blancco in April 2020 looked at policies of 1,850 of the world’s largest enterprises and found that, despite 83% of organisations having a Corporate Social Responsibility (CSR) policy in place, only a small amount of end-of-life equipment is being sanitised and reused.
“Physically destroying IT assets, when accompanied by a certificate of destruction and a full audit trail, is a valid data disposal option when hardware has reached end-of-life – especially if those assets are damaged or otherwise not in good enough condition to be erased and reused or resold,” it said.
“However, if physical destruction is performed on hardware that has not reached end-of-life or is still in good condition, it is simply bad practice.”
Speaking with Computer Weekly, Alan Bentley, head of global strategy at Blancco, said security concerns were a major reason why enterprises still opt for physical destruction of their assets over recycling or reuse.
“The way that companies have grown up with their assets and then think about what they do with them, physical destruction was a much easier, simpler process and then it got written into security policies,” he said, adding that many policies still dictate that an organisation must physically destroy a certain number of assets to be compliant.
“To then change your process when it’s already in a policy is… quite difficult for a lot of really large organisations to do. But we have to educate the enterprise that it’s not true anymore – there are guidelines in place that say, ‘If you follow a certain type of software erasure using certain standards, it’s the same as physically destroying the asset’, and so you don’t need to physically destroy it because you can use a different process.”
On top of this, Blancco’s research also found that 39% of global organisations physically destroy end-of-life equipment because they believe it is “better for the environment”.
“There are very reputable organisations that say that they will dispose of physical assets from a destruction point of view with the environment in in mind,” said Bentley.
“But, fundamentally, if you can reuse an asset, I can’t think why you would want to destroy it. What we do as a company, from a product point of view, is try to delay the end of life of the asset. Just because you want the latest and greatest version of a laptop doesn’t mean your laptop isn’t of any use to someone else. It can carry on being used instead of thrown away.”
To fix this, Bentley said companies should look at their security policies to review whether their “security requirements around data sanitisation are up to date and in line with the latest and greatest capabilities in the marketplace”.
He added that companies should exercise diligence when choosing which e-waste disposal partners to work with so there is no confusion between them about the processes involved.
“There are a lot companies that do this service, but you do need to do your diligence on which ones are doing the job in the right way,” he said.
The impact of Covid-19 on CSR and sustainability
The current approach to destroying IT equipment caused massive supply chain problems when the coronavirus pandemic started, as organisations now supporting a home-bound workforce did not have enough tech to give employees.
“All of a sudden there was a huge demand for laptops around the world, but because of all the supply chain issues there weren’t any. There was a big push to buy second-hand devices that could be used at home, and the majority of the supply came from ITADs [IT Asset Disposal firms],” said Bentley.
“The onus is on organisations to understand, ‘What am I doing from a refresh cycle point of view, and what’s happening to these assets once I finish using them?’. The sustainability question for them is a big one.
“From an environmental impact point of view, they have to understand, ‘If I’m still physically destroying 30 to 40% of all my assets, why am I doing that? Is it absolutely a security requirement, or am I doing it because it’s what I’ve been doing for years?’”
Bentley added that the pandemic also offered enterprises a chance to be more socially responsible, pointing out they could either sell or donate the surplus IT equipment instead.
“In the UK, many kids are getting homeschooled who are vulnerable or from poor backgrounds. Can their parents or guardians afford to buy them a laptop? Can the school give them all laptops? There is a huge opportunity for enterprises to live up to their corporate social responsibility,” he said, adding that he expects to see a greater push towards CSR in the coming months.
“There is ever increasing pressure on carbon neutrality and climate change, and I don’t think that’s going away – it’s been highlighted in the past three to four months because we’ve all seen that when human activity stops, the climate starts to recover.”
The rise of Environmental Social Governance (ESG) investing means more investors are also looking to support companies that have very clear environmental policies, as well as those with clear intentions to improve on them.
“When we’re talking the largest enterprise in the world, [CSR] is self-governing, but they are taking it seriously which is a good thing. There is pressure from governments and there is pressure from investors, and that does tend to make enterprises move more quickly,” said Bentley.