Be a destroyer

Sara Yirrell looks at the intricacies of data destruction

Being destructive is not usually favoured by many as a pastime, nor is it encouraged from childhood, but it seems the channel is missing out on a vital revenue stream arising from destroying data on old PCs and laptops.

We are surprised at the response an article in CRN has elicited from our readers (Data destruction niche unfulfilled, 17 March), which revealed how many people were unaware that when they dispose of an old machine, under the new Waste Electrical and Electronic Equipment (WEEE) rules, the company disposing of the equipment is not legally responsible for wiping any data saved on the hard drive.

That task remains firmly with the owner of the data and if they want a drive wiped as well as a machine safely disposed of, they have to pay extra.

We have heard many stories since the article was published ­ most of them unrepeatable ­ of large firms, including banks and credit card companies, not to mention government departments, that have dumped thousands of computers in accordance with WEEE rules, but all containing sensitive information, thinking the data has been safely erased from prying eyes.

Wrong. Until that data is destroyed using the proper magnetic machinery, it will remain on the drive for all to see.

The WEEE directive does not lay out the data destruction rules clearly enough for most companies
to understand, so until it does, it is up to the channel to convince their customers that they have to pay extra to safeguard against any sensitive information getting into the wrong hands.

In an era when identity theft and data leakage due to carelessness is rife, this is one line of defence against the fraudsters that must be reinforced before it is too late.