Though the biggest companies seem to be prioritizing corporate sustainability initiatives, a recent study published earlier this week suggests otherwise. The results are staggering — while 83 percent of organizations have Corporate Social Responsibility (CSR) policies in place, only 24 percent of end-of-life equipment is being recycled. To get a behind-the-scenes look at the objectives, results, and implications of the study, I spoke with Fredrik Forslund, Vice President of Cloud and Data Center Erasure at Blancco, the company that commissioned the study.
Our conversation has been edited for length and clarity.
CHRIS CHEN: Before Blancco began its study, what were the main objectives it had in mind?
FREDRIK FORSLUND: With the latest installment, in particular, we were hoping to gauge how much equipment is being destroyed unnecessarily (instead of being reused), and the rationale behind this practice, as well as whether enterprises are taking sustainability into account when creating policies and processes around end-of-life IT equipment. The ultimate goal has been to create both awareness and to educate the market on these issues.
What kind of sample demographics did Blancco need to meet those objectives? How did the company approach gathering that sample?
The primary research was commissioned by Blancco and conducted by Coleman Parkes in August 2019. The sample was comprised of 1,850 senior decision makers, including Heads of Compliance, CFOs, Financial Directors, ITAMs, CISOs, IT Security VPs, Data Protection Officers and Heads of Operations, from 1,850 organizations with 5,000+ employees.
The sample was divided between the United States, the U.K., Canada, Germany, France, Japan, India, Singapore and Australia and covered several vertical markets: healthcare, public sector, pharmaceutical, financial services, technology, defense, legal, manufacturing, energy, transport and advisory.
It looks like the sectors examined were fairly diversified. Out of that bunch, did Blancco’s study find that particular sectors outperformed others on e-waste management?
To be honest, we saw outliers and issues in all industries and markets included. We cannot really point out one single industry that stood out and performed much better or worse than the others. The same applies when you look at the different countries.
A fact that we found shocking in the latest study was that one out of every 25 of these large enterprises had no processes in place at all. A fifth of all companies actively destroy equipment as part of their policy. This means hundreds of thousands of devices at millions of dollars in value are ending up as e-waste.
Those numbers are crazy. Materially, what are their implications and how should we be reacting to them?
For us, the implications are that we need to continue with educational efforts and information about available best practices. Enterprises can save time, money and resources by updating their sustainable and secure asset and data management policies and processes put in place over a decade ago. For society in general, we also need to conclude that there is a waste of resources that both could and should be avoided.
Seeing that recycling is so beneficial, why are companies still inclined to hoard IT assets over contributing to the circular economy?
Hoarding of equipment is one key area of concern that we observed in the research. Equipment is piling up and this creates both risk for data breaches and the likelihood of being destroyed instead of reused or properly recycled. Based on additional conversations on top of the findings, we believe that it is basically uncertainty and insecurity that drives this behavior.
There has not been enough time invested in what can be achieved today with modern technology and processes. Instead, enterprises are stuck in old processes and tend to hoard equipment that is later destroyed. These practices are just delaying the problems, which will have to be addressed in the future anyway, but they will be larger in scale.
Speaking of destroying physical equipment, more than 36% of companies do so as a mechanism for data removal methods. What are the environmental harms of these practices?
The environmental harm is very clear. The resources used to produce a computing system are significant. Early destruction is simply a waste of those resources. Also, when you destroy with the aim to eliminate the data, you tend to shred the equipment, which also makes proper recycling very challenging and less efficient.
In that case, why do so many organizations believe that physically destroying equipment is better for the environment? What can be done to resolve this misconception?
We see that misconception often originates from not following the chain of custody to the end of the trail. One might believe that the process chosen will have a good end result. But when properly investigating all steps in a process of what happens to the equipment and materials after destruction, one might find that the case is the opposite.
Do you think governmental e-waste regulation will play a big role in addressing these problems? Or will those best practices primarily come from internal adjustments made by companies themselves?
We believe the combination is what matters the most. If you have both compliance and regulations combined with media, for example, bringing up best practices within industries, you will have both a pull and a push effect that, when combined, will create better results.
Right now, we’re seeing a massive surge in hardware and software technology purchases for employees who now work from home. What are the immediate implications for data sanitization and e-waste management?
The most prominent effect is that enterprises are starting to enhance their remote data sanitization capabilities. If a PC needs to be replaced in a home office, it is a significantly more efficient and cost-effective process to pick up that asset and make sure it comes to a processing place, such that it has been sanitized from sensitive data.
From an e-waste management perspective, it is a bit too soon to say what the effects will be, but our hope is that we will not see a decline in the trend where, over time, we are actually reducing unnecessary destruction, even if it is moving a bit to slow in our view.
In the report, what would you say is the one finding that surprised you the most?
The fact that so many devices are being physically destroyed and that contributing to corporate sustainability is not a higher priority these days. Even the opportunities that exist to earn thousands of carbon credits aren’t making enough of a difference for enterprises to change their processes away from destruction.
How can companies best maintain their data-sanitization policies in a way that’s mindful of the environment?
We always recommend a simple rule: don’t destroy it if it’s not broken. If a device works, it can be erased and reused in one way or another. If that is the default mindset, which goes hand-in-hand with data security, you are good to go.
Did you like this interview? Check out our other exclusive interviews here.