IT assets and equipment, unfortunately, are not designed to last forever, and eventually, all companies must decide what to do with their used or end-of-life IT assets. If they aren’t handled properly, they will end up taking up valuable space. Even worse, these IT assets or the data stored within may be compromised by cybercriminals or other parties.,
Generally, we have three main options when it comes to handling used IT equipment:
- Sale: if the used IT equipment still has a relatively good resale value, then we can sell the IT asset for extra cash, allowing us to maximize the ROI of the asset.
- Repurpose: if the IT asset is in a fairly good working condition, then we can repurpose it for another productive use. For example, we can repurpose an old HDD as an external backup drive. This is typically the option to take if the resale value of the used IT equipment isn’t particularly high.
- Recycle/Disposal: the last resort option if the resale value of the IT equipment is low and we can’t repurpose it for another utility. Also, an option to consider if the IT asset is considered high-risk (i.e., containing confidential and regulated information.)
With that being said, many businesses aren’t sure how to handle their used IT assets, or they may not have the time and resources to properly handle these assets.
This is where the service of ITAD (IT Asset Disposition) companies comes in.
An ITAD company safely and responsibly handles the decommissioning of used and end-of-life IT equipment, figuring out the best possible option to take for each piece of used IT asset at your disposal. Using the service of these ITAD companies can allow you to recover the highest possible value from these IT assets while also mitigating risks. Yet, it’s still important to choose the right ITAD vendor according to your unique needs.
In this guide, we will discuss how to choose the right ITAD company to sell your used IT equipment, and by the end of this guide, you’d have learned about:
- What is IT Asset Disposition (ITAD)
- Doing it yourself vs. selling to an ITAD company: pros and cons
- Factors to consider when evaluating ITAD companies
- A step-by-step guide to selling IT assets to ITAD companies
Without further ado, let us begin this guide right away.
What Is ITAD?
ITAD, short for IT Asset Disposition, is a process of handling used or unwanted IT assets to ensure three things:
- Maximizing the value of each retired IT asset (purchasing the IT asset with a fair price or repurposing the asset)
- Ensuring data security and security in general for each piece of equipment
- Ensuring compliance with environmental and health safety standards, as well as local, state, and federal electronics disposal laws (when applicable.)
ITAD not only allows companies to maximize the ROI of each IT asset and help offset the cost of replacing the said asset but depending on your industry, you may be legally required to ensure that any sensitive/confidential data on the asset has been securely eradicated to prevent data breaches and other security risks.
Companies can technically perform ITAD on their own, but there are also ITAD vendors like Big Data Supply Inc. who develop and execute ITAD programs for other companies, so the client can use their valuable time to handle their core day-to-day operations.
In the next section, we will discuss the benefits and drawbacks of performing ITAD on your own when compared to outsourcing the process to an ITAD vendor.
Decommissioning Your Assets Yourself: Pros and Cons
As discussed, you can technically design and execute an ITAD program on your own, and when performed correctly can be financially more profitable (and responsible) than using the service of an ITAD vendor.
However, in order to be able to design and execute a proper ITAD program, your team needs to become familiar with many critical steps to ensure you can maximize the value of each piece of equipment while ensuring compliance and security, which can be very challenging in practice.
If you are not careful, forcing your company to do the ITAD program yourself may expose you to security, financial, and legal risks.
So, before planning to perform ITAD on your own, you might want to consider the following challenges:
1. Challenges in asset management
Asset management is crucial and yet often a challenging phase in any ITAD process.
To ensure data security and compliance, all used IT assets must be audited, decommissioned, wiped, and transported to their destination. All of these asset management processes must also be properly documented to establish a compliant audit trail.
While the actual process may vary depending on the company and the IT assets in question, a typical asset management process in ITAD will include:
- Audit: identifying and assessing the to-be-decommissioned IT asset’s brand, model, serial number, where they are located, licensing, dependencies, and other details. The audit process must be established until after the IT asset in question has been decommissioned to maintain a complete audit trail for compliance and risk monitoring.
- Decommissioning: whether an IT asset will be reused, sold, or disposed of, it must first be securely removed from the operational environment. In practice, decommissioning may involve complex processes like:
- Locating each asset
- Ensuring data is backed up properly
- Determining whether the data is encrypted
- Checking which software/hardware is dependent to this asset, and whether the asset is also dependent on other apps/hardware
- Figuring out how to securely remove the asset physically from where it’s currently located
- Secure data eradication: data eradication is a crucial yet risky process in any ITAD process. To ensure data security, you must make sure 100% of the data has been securely wiped and cannot be recovered, which can be easier said than done if you don’t have the right expertise and infrastructure.
- Logistics: this phase involves locating data of each asset (and ensuring data has been sanitized properly), planning and executing the transportation of IT assets to their destination, and planning who is responsible for transporting each IT asset in question. Failure in logistics management can expose your assets to both data security and environmental risks.
As we can see, ensuring success in these four phases can be complex and challenging, and if you want to do them in-house, you’ll need an internal team with adequate experience and expertise, as we will discuss below.
2. ITAD expertise requirement
It’s crucial to remember that if your core business is not ITAD, then your team’s core responsibility is not about developing and running an ITAD program. So, by burdening them with this responsibility, you are taking their valuable time to help you achieve your business objectives.
Not to mention, your internal team may not have the expertise and experience necessary to run an ITAD program while ensuring security and compliance.
3. Failure to test the usability of assets
To maximize the value of each IT equipment as an investment, we should properly assess whether it’s possible to sell or reuse the asset.
Yet, without the right expertise and experience, your team may not be able to accurately assess the condition of each IT asset, as well as perform necessary repairs when needed.
4. Lack of equipment and infrastructure to process end-of-life IT assets
Some situations may demand you to recycle or dispose of the IT assets (and their components), for example, when the resale value of the asset is too low, and you can’t repurpose it in any way.
However, processing these end-of-life IT assets is not easy, and there are always inherent risks involved, especially regarding data security and compliance. Your in-house team may not have the adequate equipment and infrastructure to securely process the end-of-life IT assets, including:
- Recycling: most non-ITAD companies don’t have the infrastructure and internal procedures to deal with regulated and/or hazardous materials (i.e., chemical substances) that are often the byproducts of the recycling process. You may also be required to comply with all the local, state, and federal regulations to avoid potential legal and financial repercussions.
- Component salvage: you can (and should) maximize the value of end-of-life IT assets by selling or reusing salvageable components, but salvaging these valuable components will require you to have enough people with adequate expertise, as well as adequate equipment to track, test, and safely remove the components. Not to mention, during this salvaging process, employees must always be kept safe from potential hazards.
- Disposal: any disposal methods, be it incineration, shredding, crushing, and others, always have negative impacts on the environment since all of these processes release hazardous materials to the environment. In general, you should avoid disposal at all costs unless you have adequate equipment to ensure security and eco-friendliness. The disposal of IT assets is highly regulated in many locations.
5. Finding the right buyer of IT assets
Who should you sell your used IT assets to? What’s the fair market value of each IT equipment? How will you manage compliance risks with resale?
As you can see, selling your used IT equipment is easier said than done and can be time-consuming. If you don’t sell the IT assets to the right buyer, not only you may not be able to maximize their value, but you may also fail to stay compliant with relevant regulations.
Considering the challenges above, it’s recommended to outsource your ITAD program to a trusted and experienced ITAD company like Big Data Supply Inc.
By partnering with companies specializing in ITAD; you can be sure your company’s ITAD program is executed efficiently and securely while ensuring compliance with applicable regulations in your industry and/or location.
Evaluating ITAD Companies: Key Factors To Consider
An ITAD process, as we’ve discussed above, can be extremely challenging, and this is where outsourcing the process to a credible ITAD company is recommended.
When you’ve partnered with a credible ITAD vendor, you can be 100% sure about data security and compliance while maximizing the value of each used IT asset at the same time.
Yet, it’s still very important to choose the right ITAD company based on your current situation, and here are some of the key factors you should consider when evaluating different ITAD companies:
1. Accreditations and certifications
While not always 100% accurate, outsourcing the ITAD process to a credible ITAD vendor that is certified by relevant certifications and accreditations.
There are many certifications and accreditations for ITAD companies; some are industry-specific, while others are more generic.
Nevertheless, here are some of the most important certifications to check for include:
- RIOS™ (Recycling Industry Operating Standard): RIOS certification is only given to companies that have stayed in compliance with ISO 9001, ISO 14001, and ISO 45001 standards, which specify requirements related to environmental risk management, quality management, occupational health and safety (OH&S), and more.ITAD vendors that are RIOS™-certified have implemented environmental responsibility across the organization, ensuring optimal health and safety policies across the facility and so on.
- R2: R2 stands for Responsible Recycling, and is a facility-level accreditation only given to companies who have established a comprehensive and secure policy to manage used and end-of-life IT assets, components, and materials. Check out the R2 standards library here.
- ISO Standards: As mentioned above, there are three ISO standards that are considered important for ITAD companies:
- ISO-9001, quality management
- ISO-14001, environmental management
- ISO-45001, health & safety.
When evaluating different ITAD companies, check whether the company is accredited with relevant certifications, and take the time to confirm that the qualities claimed by the certifications are indeed reflected in the vendor’s day-to-day operations.
Big Data Supply Inc is both R2 and RIOS-certified, so you can be sure your used and end-of-life assets will be handled properly to ensure security and compliance with environmental laws.
2. Labor Quality
When evaluating different ITAD companies, ask how each vendor staffs the employees that will work on your project. Ask whether they’ll employ full-time employees to handle your project or whether they will rely on temporary workers (which is okay, as long as they are well-trained).
Make sure the ITAD vendor has properly trained its employees to ensure a high-quality workforce with consistent work qualities.
3. Data Security Infrastructure and Practices
As discussed above, data security remains one of the most important aspects of any ITAD project, and we should evaluate the ITAD vendor’s approach to data security and available infrastructure.
Don’t hesitate to ask prospective vendors questions regarding:
- The software and technology they use for secure data eradication. The newer and better the technology they use, the more likely you should hire them
- Do they have the ability to securely wipe your specific type(s) of storage device?
- Whether they are using proper media sanitizing standards (NIST SP 800-88 or equivalent), and whether they can provide certificates of destruction according to these standards.
- How do they validate whether a device is properly sanitized? (i.e., ERP system, strong policies, etc.)
- Can they physically destroy storage devices they aren’t reselling, with which methods?
- How do they make sure the equipment stored on-premises stays secure? (i.e., security personnel, CCTV, metal detectors, etc.)
As we’ve also mentioned above, secure transportation and logistics are critical and yet are often big challenges in any ITAD process. Even if your IT assets have been properly wiped, it won’t mean a thing if they don’t arrive safely at their destination.
Evaluate the ITAD vendor’s security policies when transporting your IT Assets. Do they use GPS tracking? How will they package each asset? Do they have their own vehicles?
Some ITAD vendors may also offer premium logistics options (i.e., more secure) that will translate into additional costs.
Nevertheless, assess their logistics policies whether they meet the level of risks you can tolerate.
5. Customer Support
While ITAD projects are typically quite short in duration, it’s still important to choose an ITAD vendor with great customer support that you are comfortable working with.
If possible, contact their previous clients to validate the quality of their services.
6. ERP Solutions Availability
Especially if your ITAD project is relatively complex and/or large, you should prioritize working with ITAD vendors that use robust cloud-based ERP systems (i.e., SAP or NetSuite).
An ERP system is crucial in helping these ITAD vendors in keeping track of your IT assets and in maintaining a comprehensive audit trail. With these ERP systems in place, you can expect the ITAD vendor to provide you with a comprehensive and accurate audit report detailing what happened to all your IT assets at each phase of the ITAD project.
Depending on your location and industry, a complete audit trail may be legally required for compliance.
Fairly self-explanatory, it’s important to evaluate an ITAD vendor’s credibility before committing a partnership with them. Gather as much information as you can, not only about the ITAD company but also whether they’ve performed adequate background checks on every employee.
A mistake from a single employee, be it malicious or not, can cause a massive data breach for your business, so it would pay to be extra careful. Check how they qualify or disqualify a new hire (i.e., fraud, theft, felony records, etc.), and weigh whether their criteria are sufficient for you to feel safe in trusting your IT assets (and data) with this vendor.
The ITAD vendor may also purchase your IT assets from you, or they may sell your assets to other parties and share the revenue with you.
Assess how the ITAD vendor determines their purchase value, and also ask whether they offer a consignment agreement (which can end up providing more value in the long run.) It’s important to choose an ITAD vendor with transparent valuation policies so you can maximize your IT assets’ values.
9. Environmental Compliance
Evaluate whether the ITAD vendor is well-versed in applicable environmental regulations, and check their practices in recycling and disposing of your end-of-life IT assets.
Validate every claim the vendor makes regarding sustainability. If they claim to have a zero-landfill policy, ask how exactly they fulfill that promise. Also evaluate whether they perform the recycling themselves, or if they are outsourcing the process to another company (in such cases, you should also evaluate the outsourcing company’s policies and practices.)
Also ask whether the ITAD vendor can provide a routine report regarding sustainability and CSR, including greenhouse gas emission and waste diversion data.
It’s always crucial to choose the right partner that can help you in securely executing the ITAD project so you can:
- Maximize the value of your IT assets to help finance their replacements
- Ensure data security and privacy
- Ensure compliance with relevant data security and environmental laws and regulations
Look for an IT asset disposition specialist that offers holistic data center decommissioning service as your partner. Big Data Supply Inc. is an R2 (Responsible Recycler) certified IT asset deposition service that can be your partner in ensuring an environmentally friendly and data security-compliant decommissioning process for IT assets.