Not all big-company, known-brand ITAD providers offer the level of service it’s customers believe they are getting. Despite the big name or reputation, due diligence (vetting) must include a check of the provider’s ITAD certifications, and whether the certifications are indeed current. Also, the vetting team MUST know whether the vendor’s specific certification requires the provider’s downstream partner(s) to also be certified. This is key! Not all certifications are created equal and not all downstream partners have the brand reputation of the vendor you’ve selected – especially if these downstream partners are not also certified – held accountable for some level of operating standard.
Of course, you get what you pay for. But, data security and proper removal of data is essential to protect your company. Be sure to read Kiera Walker’s blog, Top 5 Reasons to Choose a Truly R2v3 Certified Provider for IT Asset Disposition, if you’ve not already done so.
Would you ever believe that a Fortune 100 company would make an ITAD vendor selection mistake, putting their company’s solid reputation at stake with a very near data breach? Humans make mistakes. But, teams and refined processes – one would believe – would rarely be mistaken enough to be deemed as “negligent.” This is a very true story and, by its nature, it’s unlikely the company knows how close they came to data security catastrophe.
Fortune 100 Data Security Error & Near Catastrophe
In the global marketplace, XSi is sometimes selected as the primary ITAD provider and other times the selected ITAD provider relies on XSi as a downstream partner – we’re certified and they know they can trust every stage of our process.
In this true story, the Fortune 100 company had selected a well-known IT services provider for its ITAD business. The ITAD provider requested XSi assistance within one country in Latin America, where we already have an established infrastructure to handle any ITAD requirement. The Fortune 100 company should be pleased their ITAD provider selected a certified downstream partner within this region. However, after a few projects the ITAD provider chose to switch the downstream partner in order to glean greater margin for themselves.
Then, in the first or second PC take-out (by the uncertified downstream partner), the great slip occurred. The downstream partner did NOT wipe ANY of the data before turning these PC assets over to a hardware reseller. When the reseller received the assets, their QC checks included a boot-up – during which they found COMPLETE data on every single computer sold to them.
- The reseller panicked and called its allies at XSi for information and advice
- XSi went onsite, wiped all PCs and provided the reseller Certificates of Destruction for each asset
- The ITAD provider (for this Fortune 100) accepted our call to explain what the reseller discovered, heard how we protected them, then chose to do nothing more. They certainly did NOT inform their Fortune 100 client.
This ITAD provider remains uncertified to the standards most Fortune 2000 companies would prefer. And, they continue to use uncertified downstream partners.
Just think of what could have happened to their data. Yet, they have no notion this occurred, nor any understanding what XSi did to help protect them. You might choose to think we “enabled” the inappropriate business practices of their ITAD provider. Instead, we believe more in doing the right thing, going the extra mile and helping to educate vendor vetting teams so accountabilities are secure and data security is taken seriously.
XSi is a Fully-Certified Provider of IT Asset Disposition
XSi is R2v3 Certified and also ISO9001:2015, ISO14001:2015, ISO45001:2018 Certified. XSi provides full IT Asset Disposition support to North America, APAC, EMEA, as well as clients throughout Latin America. Contact Us if we can be of assistance!
XSi Interviewed by Worldwide Business with kathy ireland®
The interview discussed considerations for IT Hardware Lifecycle Management and aired on FOX Business Network, August 15, 2021. Check out this IT Hardware Lifecycle Best Practices interview.
Follow Us On LinkedIn