New research launched by Blancco Technology Group, a leader in data erasure and mobile device diagnostics, has outlined the staggering cost to global organisations of old, outdated IT equipment cluttering up data centres.
A survey of 600 data centre experts from APAC, Europe and North America reveals that two in five organisations that store their data in-house spend more than US$100,000 storing useless IT hardware that could pose a security or compliance risk.
Astonishingly, more than half of these companies (54%) have been cited at least once or twice by regulators or governing bodies for noncompliance with international data protection laws.
Fines of up to US$1.5 million could be issued for HIPAA violations due to storing data past its retention date, with that number multiplied by the number of years each violation has been allowed to persist.
Blancco’s exclusive study, The High Cost of Cluttered Data Centers, produced in partnership with Coleman Parks, reflects the extent in which global organisations are paralysed by fear of reputational damage.
This is primarily the risk of sensitive data that is stored on old IT hardware of being breached or misused. Put simply, organisations are opting to spend vast sums of money storing these devices, contrary in many cases, to data protection laws and regulations, rather than entrusting them to data erasure experts for wiping before reuse.
“Global organisations are unnecessarily wasting vast sums of money from noncompliance and onsite storage fees – charges that could be easily mitigated,” said Fredrik Forslund, Vice President, Enterprise and Cloud Erasure Solutions at Blancco.
“This points to a huge lack of education within the sector about what to do with hardware that is faulty or has reached end-of-life. Organisations are letting this hardware pile up in fear of data leakage, resulting in loss of efficiency, increasing capital costs, possible non-compliance and potential security risks.”
The global data centre industry remains gripped by a lack of time and resources to complete comprehensive data privacy processes. This remains one of the key reasons why organisations, particularly those that own their own data centres and store all data onsite, are keeping IT assets past their useful lives.
Other key global findings include:
- All organisations surveyed stored a large portion of their data onsite, with 48% storing 31 to 60% of their data onsite, 42% storing 10 to 30% of their data onsite and 10% of organisations storing over 60% of their data onsite
- Many individuals failed a simple data sanitisation test, despite their job titles suggesting that they should know more. Over half of the respondents, 57%, agreed that a quick or full reformat of a drive would permanently erase all data.
- Many organisations also stated they are using multiple methods to sanitise their data. What’s worrying is that 62% of organisations surveyed are using free online tools with no verification or certification to erase data securely.
- Most of the organisations surveyed (80%) admitted that at least a quarter of end-of-life drives sit uselessly idle in their data centres. Three quarters of organisations (75%) confessed that 25% of all RMA drives stored onsite were only there because they aren’t willing to follow required processes to return them to the manufacturer.
Key UK findings include:
- A total of 74% of UK organisations admitted that at least 26% of all RMA drives stored onsite were only there because they aren’t unwilling to return them to the manufacturer. A quarter also confessed more than half (51%) of their RMA drives sit uselessly idle in their data centres for the same reason.
- When asked about their major pain points in not returning RMA drives or servers to the manufacturer when their lease is up, 73% of UK respondents stated manual/time-consuming processes and 49% noted external security/privacy concerns, the highest percentage points from all the countries surveyed.
- While some countries had their own priorities, the UK was most worried about GDPR (43%), followed closely by increasing automation across the data centre (41%).
“It’s not surprising that more than half of all respondents rated the RMA return process as ‘quite’ or ‘extremely’ difficult. Current processes being followed are archaic, inefficient and desperately in need of automation. In some cases, organisations feel compelled to waste more resource wiping each drive individually,” Forslund said.
“Organisations are sitting on IT assets that are having an extremely damaging impact on their business – even if most organisations consider themselves to be mitigating risk by holding on to them.”
For full analysis, you can read the full The High Cost of Cluttered Data Centers report here: https://www.blancco.com/resources/rs-the-high-cost-of-cluttered-data-centers/