By Barbara Rembiesa, President & CEO of IAITAM
George from the inventory team is now responsible for the organization’s disposal program for IT equipment and with an organization with thousands (tens of thousands?) of devices, he is a busy person. He has been working with the same ITAD vendor for some time. They offer a good price and they come and take everything away in a secure manner AFTER the drives have been shredded. George is feeling good about the success of his program and reports on the number of devices removed, the security steps and the cost of the services. His management is pleased, especially with the reports George generates for governance purposes (privacy, accountability, health care data, personal data, take your pick…).
What is missing from this scenario? Sure, he has the basics done, but what about what actually happens to those devices after the ITAD vendor takes them away? Are the devices really recycled or left to rot in a field?
But, George wasn’t asked to double check on the vendor and, even if something bad happens, the authorities seem to go after the ITAD vendors, recyclers and waste handlers, not organizations like George’s, right? Oops, something bad happens (ITAD vendor on the evening news, your equipment in a landfill, etc.). George takes the blame for the bad media attention and is let go.
Judy is the IT Asset Manager at a mid-size organization. Two years ago, the organization started providing smartphones to select employees. Judy was not involved, but management seemed to focus on managing the apps and that seemed to work out ok with some help from others in IT. Last year, a pilot program for BYOD began with the sale force and Judy has heard nothing but complaints. People worry about their personal information, afraid that the organization might have TOO much access. The sales team complains that the IT team only worries about locking things down and not meeting their needs.
These are familiar problems to Judy as she has developed policies, processes and procedures to handle the same issues for the desktop environment and the data center. In fact, she has had to continually modify policy language and some processes because of the mobile projects. But, she does not inquire about the projects or get involved in any way. Management doesn’t seem to realize that the effort needs the same attention as the other IT assets and Judy is happy to avoid the extra work. So what if RFPs and contracts are incomplete, the vendors chosen expensive and their services problematic?
Guess what, Judy? Someone else will have to learn all of the things that you know already and you will eventually become redundant.
Get the education you need and don’t be reluctant to use it.