As the workforce gets more and more distributed and digitalisation shows no sign of slowing down, it’s clear that to address the risk, Security Chiefs and CIOs need to look beyond the usual areas of concern to protect their business.
More things in more places
As the number of tech assets being operated by businesses grows, the risk increases exponentially as sensitive customer data spread across an organisations’ digital footprint.
Businesses are vulnerable across at multiple points across the complex device lifecycle and while few would risk trading without a cyber security plan for in-use device, many are still just planning for tech assets while they’re in operation.
Discarded devices also need protection – inadequate IT disposal risks private company or customer data falling into wrong hands, with dire consequences for businesses.
Good cyber security starts with procurement, continues with asset management, and ends with responsible handling of devices at the end of their first useful life.
How an organisation procures assets can profoundly affect its security outcomes. Traditional ownership models are outdated, lumbering organisations with many needless risks, placing a heavy burden on internal teams to manage security challenges alone or through multiple competing suppliers.
Alternative ownership solutions, like device-as-a-service, are increasingly becoming part of future-fit security strategies. The most reliable ones offer access to an asset management system, giving organisations immediate oversight and control of their devices. The most advanced go a step further and look beyond the first useful life of the devices, making it possible for organisations to be compliant and environmentally responsible at the same time.
This kind of wasteful practice is starting to raise eyebrows. Even the European Commission has released research promoting “data deletion” over device destruction. However, according to a recent investigation by The Financial Times, tech companies, banks, and public services shred millions of data-storing devices each year.
The circle of trust
Clearly, failing to have a technology management plan that looks at the entire lifecycle of a device – from procurement to IT asset disposal (ITAD) – is unviable for any security-conscious organisation.
Instead of wasting tech assets by destroying them and potentially leaving themselves at risk, organisations can find value in end-of-life devices by prioritising repair and reuse, with peace of mind that globally accredited data sanitisation software leaves no trace of their data.
The pace of technological developments means we cannot predict what the next ten years will hold or what security challenges businesses will face.
However, we can take steps now to ensure our organisations are better protected and more resilient against cyber threats, so the headlines don’t call out the same devastating breaches of company and customer privacy in years to come.
Applying circular principles to technology management is a great place to start.