This is part two of a three-part series on Enterprise Resource Planning Systems and their importance to CircleIT’s ability to protect client data. You can read part one here.
CircleIT pursues climate and social goals beyond the traditional scope of the Information Technology Asset Disposition (ITAD) industry due to its preeminence in protecting client data. CircleIT’s not-so-secret, but highly effective tool, is its Enterprise Resource Planning (ERP) system: Oracle's NetSuite, which is considered to be the strongest ERP in the marketplace for an ITAD. NetSuite is pivotal in providing clients with the transparency they need to ensure that data is not escaping erasure or being processed with legacy data still intact . It provides system integrity, flags improprieties in the data, and provides transparency in device tracking. But not every ITAD invests in market-leading ERPs, and the results can be disastrous and very costly.
Data breaches have affected millions of people and can prove ruinous for the company whose information has been breached and the ITAD company trusted to destroy its data in the disposition of the company’s electronics. In 2016, an unqualified vendor was hired by Morgan Stanley to decommission two data centers. (The decommissioning of a data center entails wiping all data housed on the hardware as well as removing the hardware from the facility.)
The vendor in question did not provide Morgan Stanley with the necessary transparency to ensure the complete data wipe to prevent potential data leaks. The vendor’s lack of investment in a good ERP hindered the vendor and Morgan Stanley from tracking the erasure of each data-bearing device. And before the vendor confirmed that all data had been wiped, they sold the devices to another ITAD provider. The second vendor followed the same pattern as its predecessor by failing to track the erasure of the devices before the devices were sold again. The potential leak of customer information led to Morgan Stanley being fined $60 million by the US Office of the Comptroller of the Currency.
Data breaches, whether at the fault of the ITAD or not, have become common, putting customers and companies at risk. ITAD providers have a responsibility of minimizing the risk of data leaks by performing the service at the core of their industry, erasing client data from their old devices. But without investments in the systems necessary to ensure data erasure and transparency, ITAD providers will become part of the problem, as in the cases referenced above.
It is pivotal for companies to research their ITAD providers and the systems they use diligently. Not all providers are equal in terms of how they process your equipment. Sometimes the best return on equipment or cheapest ITAD operators come at the expense of costly fines, or worst of all, your brand integrity - which is not such a good return on investment.
CircleIT will always prioritize the protection and complete erasure of client data. It is the core foundation that enables CircleIT to offer clients environmental, social, and governance (ESG) services and pursue a more circular world.
In our next installment, we’ll discuss how CircleIT’s TrackIT portal integrates with NetSuite to provide clients with transparency and thorough reporting, unique to any other ITAD out there.