IT asset disposition the right way: prevent a data breach

Whitepaper

The technology that creates, enables, and communicates the growth in electronic data, continues to proliferate at an exponential pace.

April 26, 202212 mins
Managing Government Data Through Effective IT Asset Disposition

GROWTH IN ELECTRONIC DATA AND TECHNOLOGY MODERNIZATION

The technology that creates, enables, and communicates the growth in electronic data, continues to proliferate at an exponential pace. In order to evolve with this growth, while working to achieve their missions, government agencies are following trends and adopting new technologies, especially those that are data-bearing assets - laptops, PCs, servers, printers and mobile devices.

As devices become outdated or reach the end of their useful life, agencies need to ensure that each individual asset is taken care of in a secure and sustainable way.

Given the security, privacy, and environmental concerns associated with the retiring of IT assets, agencies must ensure they are taken care of in a responsible manner and in adherence to government regulations. A comprehensive IT Asset Disposition (ITAD) program needs to be part of every agency’s overall data management strategy.

Disposing of obsolete assets in a manner that is legal, safe, cost-effective, and free of institutional harm is a challenge for all government agencies. Achieving ITAD success requires navigating legal and regulatory requirements, including NIST 800-88 standards, DoD 5200.22-M data sanitation requirements, HIPAA/ HITECH, and Federal Assets Sale Transfer Act (FASTA) mandates. Poorly executed disposition of IT assets can result in fines, public health and safety issues, breaches in data security, and reputational harm.

Managing Government Data Through Effective IT Asset Disposition - Infographic

Nearly half of Federal Government respondents in a Thales Data Threat Report noted they have experienced a security breach at some point, and of these, 47% said they had experienced a breach in the last 12 months. Most agencies do not have a solid understanding about what data they have or where it is located. Just over one-fourth (28%) of federal respondents have full knowledge of where their data is stored, and just onethird (33%) claimed to be able to fully classify their data. This means that personal and sensitive data can be anywhere, including on technology assets that are no longer in use – putting agencies at enormous risk and with multiple challenges to mitigate that risk.

Source: Global Industry Analysts

GOVERNMENT FOCUS ON DATA PROTECTION

The Federal Government has recognized the need to dedicate funding to address these urgent IT modernization challenges. The Technology Modernization Fund (TMF) aims to secure government sensitive systems and data, with the purpose to “fund projects for technology-related activities to improve information technology and to enhance cybersecurity across the Federal Government.” To date, the TMF has received $175 million through the annual budget process and $1 billion through the American Rescue Plan. A two-phased proposal process allows federal organizations to apply for funding to address immediate security gaps, such as disposing of data-bearing IT assets.

Additionally, the Senate Homeland Security and Governmental Affairs Committee approved legislation to advance the federal government’s technology modernization efforts. Know as the Legacy IT Reduction Act, the bill will require agencies to develop an inventory of legacy IT systems as well as write modernization plans to update or dispose of those systems. The Act reinforces a longstanding federal data privacy and security requirement across the information management lifecycle and it provides a pathway to eliminate old IT equipment that runs much of the government today.

“The Federal Government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloudbased, on-premises, or hybrid. The scope of protection and security must include systems that process data (information technology (IT) and those that run the vital machinery that ensures our safety (operational technology (OT)).”

— Executive Order on Improving the Nation’s Cybersecurity

Download the Whitepaper to learn more or talk to an ITAD representative of Iron Mountain Government Solution at publicsector@ironmountain.com.

Elevate the power of your work

Get a FREE consultation today!

Get Started