stokkete - stock.adobe.com
Government IT leaders are failing to follow through on their commitments to increase the amount of hardware they reuse, suggests research from data sanitisation firm Blancco Technology Group.
In a poll of 596 government IT leaders from nine countries to gain an insight into their organisations’ data sanitisation procedures, the company uncovered a disconnect between what public sector organisations say they will do with their devices and what actually happens to them.
Blancco focused its research on tracking the fate of solid-state drives (SSD) that are used by public sector organisations to store data in cloud and on-premise datacentres, as well as laptops, desktops and multi-function printers.
It discovered that 40% of the time, SSDs are physically destroyed when they reach end of life to render the classified and secret data stored on them “permanently irretrievable”, despite the fact that the material used to build these devices could be ripe for reuse.
Often, these devices are being destroyed because of IT managers being overly cautious about ensuring the data stored on the devices does not fall into the wrong hands, and in other cases because they lack awareness of data protection policies that would permit devices to be reused.
“The majority of respondents were well informed of their country’s or region’s respective data protection laws, including at a detailed level,” wrote Blancco in its report The price of destruction: exploring the financial and environmental costs of public sector device sanitisation.
“However, in a few cases, awareness of specific requirements or process details was lower. The situation this creates is one in which a lack of awareness can lead to limited options, poor practice, or miscommunication of appropriate, secure or efficient methods for handling data, particularly data that is categorised below ‘classified’ or ‘secret’.”
This lack of awareness can have several downsides for public sector organisations that are under continued pressure to keep a lid on costs while also trying to meet their sustainability responsibilities.
“All together, our 596 respondents spend between $12.8m and $17m each year destroying SSD-based laptops, desktops and servers, along with loose drives, and nearly another $40m replacing the drives they have destroyed,” said the report.
Read more about IT sustainability
- Datacentre operators talk a good fight when it comes to tackling climate change, but there is far more they should and could be doing to make their operations more sustainable, say experts.
- Datacentres have their work cut out in managing their emissions. After all, the capital expenditures of Amazon and TSMC are now five times and twice the size, respectively, of Exxon-Mobil’s, with that global growth in power, processing and storage requirements in train.
This is despite 93% of respondents claiming they have defined plans to reduce the environmental impact caused by destroying IT equipment, although the research shows that less than a quarter (21%) of them are actively implementing those plans.
“Overall, most respondents reported at least having plans to reduce the harmful effects of destroying IT assets, showing that organisations are aware of the correlation between device disposal practices and the environmental effects. Many, however, still need to take action to see plans become a reality,” the report added.
Alan Bentley, president of global strategy at Blancco, said the report highlights why the safe, secure and sustainable disposal of SSD units is something public sector organisations need to get a handle on.
“Governments and public sector organisations are responsible for handling some of the most sensitive information in the world,” he said. “But several factors, including accelerated digital transformation, rising numbers of public sector data breaches and global sustainability initiatives, are changing the data management landscape.
“With growing environmental and funding pressures, there is a need for these public sector operations to be more sustainable and efficient while maintaining robust security. Public sector organisations must explore SSD sanitisation alternatives to demonstrate prudent use of agency funds and a greater contribution to national and international sustainability efforts.”
Bentley added: “We’ve seen several public sector departments benefit from moving away from destroying data-bearing assets to reusing them or building up the circular economy. Our study highlights that there are significant opportunities for policy reform surrounding SSD data protection as national policymakers seek to steward financial, environmental and data resources entrusted to their care.”