What Is IT Asset Disposition? A Beginner's Guide To Asset Disposal

GetApp’s 2023 IT management survey* on IT professionals found that about one out of every eleven businesses don't have a formal, documented IT asset disposition policy.

This is a critical oversight, as even multinational companies, like Morgan Stanley Bank [1], faced a $60 million fine for shortcomings in their ITAD procedures, making it essential for small to midsize businesses to understand ITAD.

If you work as an IT or business leader at an SMB that doesn’t have an ITAD policy in place yet, it's important for you to understand that IT asset disposition isn't just about getting rid of old or unused IT assets. You should be able to answer the following questions such as; who to contact; what ITAD method is best for your business; what challenges might you face; and what regulations must you meet for the ethical and legal disposal of your company’s IT assets.

This article will help you understand the basics of ITAD and considerations and top challenges for businesses.

IT asset disposition (ITAD) is the process of handling a business's IT assets such as hard drives, laptops, and servers at the end of their life. It is the last step in the asset’s lifecycle and is carried out by certified ITAD service professionals. They use specialized software to securely erase data from these assets, preventing data breaches, and physical destruction tools to manage solid e-waste to reduce the impact on landfills.

There are four concerning reasons to dispose of your company’s IT assets properly:

1. Economic consequences

When IT assets are not disposed of properly, sensitive data stored on devices like hard drives, laptops, and servers can be accessed by unauthorized individuals, leading to data breaches. These breaches can be economically devastating due to the immediate costs of addressing the breach and long-term financial consequences.

IBM’s 2023 report says the global average cost of a data breach in 2023 was $4.45 million, a 15% increase over 3 years. [2]

Proper disposal includes methods like data wiping, degaussing, or physically destroying the storage media to ensure that the data cannot be recovered. An ITAD vendor helps you here with specialized tools they have to properly sanitize all the hardware, and ensure no critical data is left on the devices in order to dispose of them safely.

2. Environmental impact

Improper disposal of IT assets, particularly those containing heavy metals like lead, mercury, and cadmium found in batteries and circuit boards of laptops and hard drives, can lead to significant environmental damage.

When these materials end up in landfills, they can leach into the soil and groundwater. This leaching process occurs as electronic equipment waste breaks down or when rainwater filters through waste material, carrying these toxic substances into the environment.

An image showing how e-waste causes environmental pollution when not properly disposed of [3]

This seepage can have long-term detrimental effects on ecosystems and public health, including potential risks to human health from contaminated water sources. The Environmental Protection Agency (EPA) highlights the importance of proper e-waste management to prevent environmental hazards. [4]

3. Legal and financial ramifications

Failure to dispose of IT assets properly can also result in legal and financial consequences. Companies face potential lawsuits and government penalties for data breaches and non-compliance with environmental regulations.

These costs include legal fees, settlements, lost business, and reputational damage. For instance, the Resource Conservation and Recovery Act (RCRA), a federal law that regulates the disposal of hazardous and solid electronic waste in the United States imposes penalties of up to $50,000 per day for violations. [5]

4. Loss of customer and brand loyalty

Neglecting environmental responsibility can lead to significant public backlash against companies. A notable example is Coca-Cola, which faced criticism from environmental groups who labeled the brand as the "world's top polluter" and "the biggest plastic polluter". [6] This negative perception led to a spike in negative conversations around the brand, especially concerning sustainability, resulting in a loss of customer trust and loyalty.

In contrast, positive environmental practices can bolster a brand's reputation. Neeman's, an Indian footwear brand, gained public favor by recycling plastic bottles to create their shoes. [7] These examples illustrate the significant impact that environmental practices can have on a brand's public perception and customer loyalty.

Our survey* reveals a total of five methods that IT professionals use to decommission IT assets at their businesses. But before we talk about them, it’s important to understand the difference between decommissioning and disposition of IT assets.

1. Recycling IT assets through e-waste organizations is an eco-friendly disposal method. It prevents hazardous materials from harming the environment and allows valuable components to be reused. Recycling is key to sustainable IT asset management and reducing your carbon footprint

2. Redeploying IT assets means repurposing older devices for new roles within the same organization. It’s an efficient way to extend the life of IT assets, reducing waste and saving money. Redeployment is ideal for maximizing usage and sustainability in your IT management strategy.

3. Remarketing IT assets involves selling refurbished IT assets on the secondary market such as online platforms like eBay or specialized IT resell websites. It's a smart way for businesses to recover value from older equipment, offering functional devices a new life with other users. It's both cost-effective and environmentally friendly, making the most of existing resources.

4. Donating IT assets to charitable organizations is a socially responsible method of decommissioning. It supports communities and non-profits while ensuring that functional technology isn't wasted. This approach boosts corporate social responsibility and aids in digital inclusion efforts.

5. Discarding IT assets typically through garbage collection or landfill, should be a last resort. This method often leads to environmental harm due to e-waste and should be considered only when other decommissioning methods aren’t feasible. Responsible discarding involves certain legal and environmental guidelines.

We referred to Gartner’s guide to IT asset disposition, where they have highlighted the most prominent IT asset disposition-related standards and certifications for businesses. [8]

1. Electronic recycling

• R2 Standard: Managed by Sustainable Electronics Recycling International (SERI), R2 is a leading standard for businesses repairing and recycling used electronics. It ensures consistent processes, safety measures, and documentation. R2's independent audits focus on quality, safety, and transparency, with over 800 R2-certified facilities in 31 countries, making it a benchmark in electronic recycling.

• e-Stewards Initiative: Created by the Basel Action Network, e-Stewards is a globally recognized standard for responsible electronics reuse and recycling. It sets high benchmarks for environmental responsibility and prevents the export of hazardous electronic waste to developing countries, promoting global best practices in e-waste management.

2. International Organization for Standardization (ISO)

• ISO 9001: This quality management standard, part of the ISO 9000 family, focuses on customer satisfaction, top management involvement, and continuous improvement. ISO 9001 is the only standard in its series offering certification, making it crucial for businesses aiming for excellence in quality management.

• ISO 14001: An essential standard for environmental management, ISO 14001 helps organizations enhance their environmental performance, meet compliance obligations, and achieve environmental objectives. It's key for companies committed to responsible environmental stewardship and sustainability.

• ISO 27001: This standard governs information security management systems. ISO 27001 helps organizations manage assets like financial information, intellectual property, and employee details, ensuring the security and privacy of information entrusted by third parties.

• ISO 45001: Replacing OHSAS 18001, ISO 45001 is a critical standard for occupational health and safety management. It focuses on improving employee safety, reducing workplace risks, and fostering better, safer working conditions globally.

• SOC 2 Compliance: SOC 2 reports offer comprehensive information on controls within a service organization, pertinent to system security, availability, and integrity. They also cover the confidentiality and privacy of processed information, essential for service organizations handling sensitive data.

3. Data security

• NAID AAA Certification: The National Association for Information Destruction AAA certification assures compliance with data protection laws. It involves regular and surprise audits, verifying that service providers offering secure data and product destruction services meet stringent data security standards.

• ADISA Certification: The Asset Disposal and Information Security Alliance provides industry accreditation for ITAD services. It ensures best practices in data sanitization and asset disposal, making it a vital standard for companies seeking reliable ITAD service providers.

IT asset disposal is a comprehensive process that often leads to confusion and challenges for business owners. Our survey has identified several key challenges businesses face in this area. Here are the top three:

1. Struggle with the cost of responsible IT asset disposition

The cost of responsible IT asset disposition can rise due to factors like transportation, data destruction, and recycling fees. Transportation costs vary based on distance and quantity of assets, while specialized data destruction methods and environmentally safe recycling processes can add to the overall expenses, impacting the company's bottom line.

2. Struggle with organizing/staging physical assets for disposition

Organizing and staging physical assets for disposition involves complexities like tracking asset lifecycles and coordinating the disposal process. Mismanagement in this area can lead to inefficiencies in resource allocation and delayed disposals, increasing costs. Furthermore, it can result in data breaches if decommissioned assets are not securely managed.

Motadata Service Ops ITAM software tells you what assets are live, what are in use, and what retired asset needs to be scrapped, so you can track the lifecycle of your IT assets (Source)

3. Struggle to identify reputable ITAD/e-waste vendors

Identifying reliable ITAD or e-waste vendors is essential but challenging. The difficulty lies in ensuring vendors meet compliance standards and offer secure, environmentally responsible disposal services. Incorrect vendor selection can lead to data breaches, environmental non-compliance, and potentially, legal penalties for the business if regulatory obligations are not met.

Your ITAD vendor or e-waste partner is your main point of contact throughout the IT asset disposition process, starting from lifecycle management. It's no surprise that every IT professional we surveyed says their company has contracted with an ITAD vendor.

After selecting the ideal partner and aligning on terms, it's crucial to fully utilize their expertise. They can offer assistance and guidance for various activities:

Asset management: Ensure your vendor provides comprehensive tracking of each asset's lifecycle. Ask them how they can help optimize asset utilization, and asset recovery, before disposition to maximize value.

Data center decommissioning: Inquire about their decommissioning protocols. Ensure they align with industry standards for minimizing downtime and securing data.

Data erasure: Confirm that they use certified data erasure methods. Ask for a detailed report post-erasure to ensure compliance and data security.

Hard drive shredding: Verify their shredding process meets regulatory standards. Ask how they handle the shredded material post-process for environmental safety.

Refurbishing: Discuss their refurbishing techniques and how they assess which assets are suitable for refurbishment. Understand the resale value they can offer.

Repair and return: Check their repair capabilities and turnaround times. Ensure they have a robust process for returning repaired items efficiently.

Don't rush into IT asset disposal without a defined strategy. Avoid compliance misses, overspending, or potential penalties.

To ensure you’re on the right track, download GetApp’s free strategy-on-a-page template. Fill out your details below to get this templatized scorecard.

It helps you see your strategy from a bird’s eye view, allowing you to spot any errors and iron them out, ensuring a smooth and compliant ITAD process.

Note: The screenshots of applications included in this article are examples to show a feature in context and are not intended as endorsements or recommendations.