There are countless examples of why data protection is imperative for businesses. Earlier this year, IT and accounting consultancy, Berry, Dunn, McNeil & Parker — which operates a medical data analytics business that was working with an MSP — was sued in federal court for failure to protect 1.1 million individuals’ personally identifiable information (PII) in a data breach.
According to Berry Dunn’s notification to the Maine Attorney General, “The investigation found that an unauthorized actor gained access to the MSP’s network and took some data stored on the HAPG systems.” During the proceedings, the consultancy claimed that the breach was the fault of the MSP for failing to secure its network, so the MSP had to defend itself in the press and deflect significant negative PR resulting from these accusations.
This demonstrates how reputations are vulnerable in collaborative data protection scenarios. Plus, this challenge is playing an increasing role in partner relationships.
Why On-site Data Erasure Is a Key Security Measure
In the asset disposition and decommissioning space, for instance, partners are more hesitant to take ownership of IT devices that may still retain sensitive data due to the potential for perceived liability in the event of data theft. Their customers have a right to feel confident that their sensitive data has been removed in compliance with data protection regulations before their devices can change hands.
This confidence makes businesses more likely to participate in the circular economy —reusing, reselling, or donating functional IT assets, and recycling the non-functional ones to reduce waste. The UN’s 2024 Global E-waste Monitor recently revealed that e-waste generation is outpacing formal recycling by 5x. So, alleviating data security concerns may help businesses improve recycling rates.
Regardless of whether IT assets are taken off-site to be sanitized or physically destroyed, the risk of data loss increases any time the equipment is removed from the customer’s physical location for processing. This puts more pressure on MSPs.
4 Ways to Protect Customers’ Data
Partners can encourage their customers to consider the following data protection measures to avoid chain of custody headaches:
No. 1 Erase Data Before Equipment Enters Secondary Market or Disposition Process
Data security risks ramp up significantly as soon as data-bearing assets leave the building. Erasing data on-site on the customer’s own network is the most secure way to sanitize equipment. More often, businesses are considering on-site data erasure to ensure that the data removal process happens immediately. Partners can minimize liability by advising customers to limit chain-of-custody issues by maintaining equipment on site and on the customer’s own IT network until data has been removed.
No. 2 Leverage Remote Data Erasure
Remotely erasing IT assets, such as hard drives and SSDs, is another effective option that partners can recommend. Initiating remote and simultaneous erasures across multiple drives and locations is easy and efficient. It can save organizations time and resources. It also increases security and boosts resale profits of sanitized devices.
No. 3 Obtain Proof of Erasure
Certifying data removal through proof of erasure is a critical step to address data security concerns. Solution providers offering such certifications have been subjected to independently validated quality and performance tests. To earn a certification, an organization must comply with specific industry standards or data privacy and security regulations. Partners managing asset disposition and decommissioning processes should ensure that they receive data erasure certifications from technology providers to protect customer data. It also helps to protect themselves from any perceived liability.
No. 4 Keep Informed on Emerging Data Protection Standards
As quickly as technology moves, so, too, do the guidelines related to data protection protocols and best practices. MSPs can provide a valuable service to their customers that helps them remain compliant and protects corporate data. However, partners must review data protection best practices on an annual basis. This includes those from standards bodies and organizations such as the ISO, NIST and IEEE. This way, MSPs can track industry movement towards more modern approaches and solutions in keeping data secure. It helps them make educated recommendations to customers that build trust and their business reputation.
Effective Partner Collaboration
In today’s evolving data protection landscape, the role of partners is crucial to ensuring data security across all stages of asset management and decommissioning. By encouraging on-site data erasure, certifying data removal, using remote erasure solutions, and staying updated on emerging standards, partners can significantly reduce data-related risks for their customers.
This proactive approach mitigates potential liabilities, fosters trust, and strengthens customer confidence.
Jim Elder is the vice president of Global Pathways at Blancco Technology Group, the industry standard in data erasure and mobile lifecycle solutions. Elder leads Blancco’s global partner ecosystem and drives a channel-first strategy.
Featured image: