Former ITAD models expose a defect
that businesses fail to correct:
An incomplete data management process.
Endpoint IT Asset Management
Enterprise must control all data in their possession
US state, federal and industry regulations require you, the enterprise to remain in control of the PII, PHI and financial data on your endpoint devices. Arrow shut down its centralized processing site where it had client data in its possession. Other old modeled centralized ITAD processing plants have PII, PHI and financial data on their premises without the required legal agreements that give them control of the data.
All company personnel are required to have their endpoint device classified as to what level of data was on their system such as PII, PHI and financial data. For many of us, that means the data bearing components must be destroyed to NIST 800-88 requirements through the NIST 800-53 or NIST 800-171 Cybersecurity Framework. At that point, the data is forever gone.
So for most endpoint devices in the world, the laptop or desktop is fine, but the hard drive must be destroyed and the remnants recycled to ISO 14001 or equal standard.
For others endpoint devices that had public data on them, those devices can be overwritten to the NIST standard.
Important facts to keep in mind:
Arrow discontinued ITAD Services as of August 2019
Customer compliance officers require ITAD Clients to implement the Cybersecurity framework by vendors supporting a Cybersecurity Framework
New Federal and State laws require organizations to meet all Cybersecurity Framework compliance
Track ➔ Contain ➔ Destroy ➔ Verify
all endpoint devices ONSITE
Secures your endpoint devices
and ensures compliance.
- Track your data bearing devices with RFID technologies and establish real-time inventory and audit trail via your own tailored customer portal
- Contain data bearing devices securely in a locked container to maintain organizational control only accessible by TechR2 engineers
- Destroy data onsite, backed by a multi-million-dollar Lloyd’s of London insurance policy
- Verify the reconciliation process to ensure nothing falls through the cracks with Dual Authorization
TechR2 Tear-A-Vault Refresh holds over 200 endpoint devices. Each device is tagged, track and contained in our Tear-A-Vault Appliance. Unique storage division allows each device to have separation to protect the value of the system.
Built into the Tear-A-Vault Appliance Design Model with RFID Tags and Kiosk:
- 1U, 2U, 3U or larger modules to hold endpoint devices in their own module
- 100% configurable to the customers’ requirements
- Individual door release from the kiosk control for individual client control
Compliance to GDPR, Federal and State cyber regulations
- NIST 800-53 MP-6 (1)
- NIST 800-88 Section 4.5
- FFEIC II.C.7, II.C.8, II.C.11 and II.C.13(a)
- HIPAA 164.308(a)(1)(ii)(A), 164.310(a)(2)(ii), 164.310(a)(2)(iii), 164.310(a)(2)(iv), 164.310(d)(1), 164.310(d)(2)
- ISO 27001 A.11.1
- PCI DSS 9.3, 9.5, 9.6