The Indian government and public sector organisations spent as much as ₹15.1 crore ($2 million) annually on the physical destruction of solid-state drives (SSDs), a data storage device widely used both independently and within laptops, desktops, and servers, according to new research by Blancco Technology Group.
The research is focused on current practices and policies for device sanitisation within the public sector.
For Blancco’s study, The Price of Destruction: Exploring the Financial & Environmental Costs of Public Sector Device Sanitization, researchers spoke to 596 government IT leaders across nine countries including 70 in India.
The government and public sector organisations represented spent around ₹15.1 crore annually on physical destruction of SSDss and another additional ₹26.5 crore ( $3.5 million) as replacement costs, bringing expenses up to ₹41.6 crore ($5.5 million) for destroying public sector technology, which according to the study is often still usable.
Findings
“With global electronic (e-waste) called the “world’s fastest-growing domestic waste stream,” the study also explores the environmental costs of physical destruction and the public sector’s current engagement with sustainable alternatives. Unnecessary destruction increases IT operations and materials costs for fiscally constrained public sector organisations,” the report said.
“It also fosters increased e-waste creation during a global call for more prudent environmental stewardship,” it added.
40 per cent of Indian respondents agreed that the reuse of SSDs is better for the environment than physical destruction while a significant majority (96 per cent) said that their organisation had defined plans to reduce the environmental impact caused by destroying IT equipment. However, only a quarter (26 per cent) are actively implementing those plans.
Blancco’s study of 70 public sector organisations, represented 19 per cent of central government/regional/local government organisations in India.
As per the study, 32 per cent of respondents said that physical destruction is mandated by law to physically destroy SSDs that contain classified data, so they destroy all SSDs “just in case.” Further, 38 per cent of respondents believe that physical destruction is cheaper than other sanitization solutions. Additionally, nearly a quarter (23 per cent) were unaware of alternative methods of sanitization.
While 41 per cent of respondents in India believed that there is no certified or approved vendor or solution that provides another option for them, the highest from all the countries surveyed. 42 per cent of respondents physically destroy drives because they believe it to be more secure than other data sanitisation solutions while only 14 per cent strongly agree that they have full confidence in their organisation’s physical destruction process (41 per cent slightly agree). 41 per cent of Indian respondents’ devices, or the drives alone, are sent offsite for physical destruction.
The physical destruction of such devices is mandated for security reasons if decommissioned drives were used to store classified or secret data.
“For unclassified data-bearing assets, other data sanitisation solutions are available. On the whole, respondents were well informed of their country’s or region’s respective data protection laws,” it said.
Data practices
However, as per an example cited by the report, 89 per cent of Indian respondents said they reformat drives to sanitise them.
“Unfortunately, formatting alone can still leave drives vulnerable during transport or storage, and much of the data can be recovered with forensics tools easily available online,” as per the report.
“The Indian government and public sector organisations are responsible for handling some of the most sensitive information in the world. But several factors, including accelerated digital transformation, rising numbers of public sector data breaches and global sustainability initiatives, are changing the data management landscape,” said Alan Bentley, President of Global Strategy, Blancco.
“With growing environmental and funding pressures, there is a need for these public sector operations to be more sustainable and efficient while maintaining robust security. Public sector organisations must explore SSD sanitization alternatives to demonstrate prudent use of agency funds and a greater contribution to national and international sustainability efforts,” Bentley said.
“We’ve seen several public sector departments benefit from moving away from destroying data bearing assets to reusing them or building up the circular economy. Our study highlights that there are significant opportunities for policy reform surrounding SSD data protection as national policymakers seek to steward financial, environmental, and data resources entrusted to their care,” added Bentley.
Sustainability
As concluded in the report, governments and public sector organisations globally are committing to sustainability improvements, but very few have pushed forward with their implementation. This is resulting in a high cost of SSD destruction and replacement.
“With governments and public sector organisations under the spotlight when it comes to spending, it is increasingly urgent that they consider sustainable alternatives that extend device life, maintain lock-tight data security on end-of-life SSDs and, ultimately, save public services millions of dollars,” it said.
The study was commissioned by Blancco Technology Group and conducted independently by Coleman Parkes Research in December 2021 and January 2022. Data was gathered from 596 government employees from nine countries: the United States (U.S.), Canada, the United Kingdom (U.K.), France, Germany, Japan, Singapore, India, and Australia. Fifty-five per cent work for organisations between 1,000 and 4,999 employees, and 45 per cent work for organisations with more than 5,000 employees. The countries represent the North America, Europe, and Asia Pacific regions in which Blancco operates.
Published on
March 12, 2022