Five years ago, we embarked on a mission to support businesses in adopting a circular approach, making their technology management more efficient, secure, and sustainable. 

During this time, we’ve grown alongside the rapidly evolving digital landscape, learning, and growing with every challenge and opportunity. 

How it started  

Our company was launched in 2019 as part of a strategic alliance between 3stepIT, a Nordic circular technology service provider, and BNP Paribas Leasing Solutions, a global leader in equipment leasing, to support more organisations in transitioning to a circular economy for technology.   

Today, we are in 11 European markets, with operations in France, Germany, Italy, the United Kingdom, Belgium, the Netherlands, and Spain. 3stepIT provides Nordic coverage in Finland, Sweden, Denmark, and Norway. 

More than 3000 businesses have chosen to take advantage of our circular technology management services across Europe, revolutionising how they procure, manage, and dispose of technology and address the impact of their devices.  

And we are just getting started. 

What’s next 

Our refurbishment centres are the beating heart of our business, where our teams give used devices a second life and make them available for resale to secondary users. In 2023, BNP Paribas 3 Step IT’s UK refurbishment centre processed record volumes of devices in its largest year of production as part of the Joint Venture, demonstrating the increasing demand for sustainable and secure technology management services.

Are more refurbishing hubs on the horizon? Stay tuned! 

“These past five years have been incredible for our company. With the support of our fantastic people and partners, we’ve made significant strides in helping European businesses maximise the value of their technology while minimising waste. As we look ahead, we’re committed to delivering innovative circular solutions that drive business success,” said Carmen Ene, CEO of BNP Paribas 3 Step IT. “Our world-class team truly sets us apart, enabling our success, and our unique, strong company culture that unites us and propels our organisation forward.” 

This week marks the end of European Cybersecurity Month, a time to shine a spotlight on the risks of cyber insecurity, the impact it can have on organisations, and the solutions that can be put in place to protect and manage company data.  

These awareness-raising campaigns are important, but all tech leaders know that data security management is an around-the-clock job – there are no days off. The truth is an organisation’s cybersecurity is only as strong as its weakest links, with device users and partner organisations often responsible for vulnerabilities. 

According to Forrester Research, only 7% of security decision-makers are concerned that a lost or stolen asset could cause a breach, even though such incidents account for 17% of all breaches. Add to that Gartner’s analysis, which shows that over the last two years 45% of organisations have experienced cyber-related interruptions to their business due to a third party, and it’s clear that every organisation needs a comprehensive plan to secure its data beyond the walls of its own operations. 

A complex digital footprint 

Our dependence on technology continues to grow exponentially, and as the number of devices organisations rely on increases, so do the risks of managing the security of company and customer across a dispersed digital footprint.  

Data no longer remains on the office desk – it travels with employees to different work locations, home, and on public transport – and as this happens it becomes more difficult for organisations to control and protect.  

It’s not just the number and the mobility of devices that is challenging, but also their connectedness. Our digital systems are becoming increasingly complex and interdependent, which means it only takes one organisation in the value chain to expose others to data security breaches. 

The case for end-to-end control 

Adding to this complex cybersecurity landscape, is the growing realisation that data must be protected across the entire device lifecycle. Yet many businesses still have cybersecurity strategies in place that only get them halfway there.  

While most organisations have strategies to protect IT hardware during its active use, fewer address the crucial steps needed once devices are decommissioned. Many companies rely on multiple suppliers to cover various stages of the hardware lifecycle, resulting in gaps and potential risks. 

A better approach is for organisations to adopt a holistic procurement model that embeds end-to-end traceability of hardware. By knowing exactly what hardware enters the business, companies can track which devices hold data, enabling secure data erasure as part of the decommissioning process. This proactive strategy ensures data security not just during use but throughout the entire lifecycle of the technology. 

Mitigating risk across the device lifecycle 

Organisations can procure digital services on a financing contract through new models, like our Technology Lifecycle Management (TLM) service, rather than through traditional cash ownership. This helps to simplify tech procurement and reduce exposure to multiple suppliers by offering a whole lifecycle approach to IT management as part of one simple service.   

Comprehensive asset management is central to this approach and supports organisations to improve their oversight and control of devices by ensuring IT teams know where devices are, how they’re being used, and when they require updates. We include our powerful asset management platform as part of every TLM contract. We onboard all new and existing devices on to this system to allow organisations to track all devices through a single digital dashboard and create a complete and secure chain of custody. 

When it’s time to decommission corporate devices, our Technology Lifecycle Management service includes a range of automated end-of-life services for secure IT Asset Disposition (ITAD), such as return logistics, refurbishment, and data erasure. This creates a transparent audit trail for organisations to monitor, track, and trace devices while preparing to redeploy devices to new users.   

Achieving true resilience 

Building a resilient cybersecurity strategy today involves navigating a complex landscape and addressing the fast-evolving vulnerabilities introduced by users, partners, and risks throughout the device lifecycle.  

However, the solution doesn’t have to be complicated. 

Organisations can confidently mitigate significant cybersecurity risks associated with device decommission by partnering with a single supplier to deliver a comprehensive, end-to-end IT hardware management service. This approach complements existing in-live cybersecurity measures, establishing proactive safeguards that support the best outcomes for both the business and its customers. 

Want to find out more about our end-to-end approach to data security? Contact us today.  

 

Technology underpins every aspect of an organisation’s performance and having access to the right digital tools is central to being able to thrive and compete.  

It’s no surprise then that technology is a top strategic business priority, second only to profitable growth, and that global IT spending continues to increase, with investment tipped to exceed $5 trillion in 2024. 

But today, developing an IT procurement strategy is more than just operational. Chief Procurement Officers are being asked to mitigate a complex external environment and consider factors like supply chain resilience and transparency, ESG compliance, and data security, all while driving down costs and improving efficiencies. 

Purchase has power 

The way an organisation procures digital assets can profoundly affect its business outcomes, and savvy procurement executives are favouring alternative, circular technology management models as part of their future-fit digitalisation strategies. 

Circular technology management services, like our Technology Lifecycle Management solution, offer an end-to-end approach to procuring and managing enterprise IT. Instead of owning tech hardware outright, organisations acquire devices through a financial lease contract, which includes additional value-add services, such as an IT asset management platform to track and monitor devices while in use and a secure end-of-contract refurbishment service. 

Unlike traditional cash ownership, these IT lifecycle management models allow organisations to access digital tools that are tailored to their business needs and embed flexibility to scale or change their acquisition strategy. 

Circular technology management solutions make budgeting and renewals predictable through planned monthly payments and a strategic approach to tech management across the IT lifecycle. This predictability is gold; after all, if you can measure and plan for it, you can manage it. 

Reducing supply chain pain 

Procurement teams also have a tremendous opportunity to choose suppliers that embed the circular economy into their operating models. This can help businesses make their operations more sustainable and alleviate the disruption felt throughout the global technology supply chain. 70% of CPOs say that procurement-related risk/supply chain disruption has increased in the past 12 months, as shortages and congestion result in difficulty accessing IT hardware. 

Using a circular technology management provider also reduces the administrative burden of dealing with multiple suppliers across the IT device lifecycle and streamlines the tech procurement process, allowing CPOs and their team to focus on other more strategic areas of their work.  

A circular economy for tech 

As the regulatory margins in which organisations can operate within narrow, enterprises are now required to consider the environmental footprint of the IT device lifecycle and use the full force of their purchase power to make a positive social and environmental impact via their own operations and their supply chain.  

Adopting a circular tech strategy kick starts more sustainable and responsible device lifecycle management practices from the point of procurement because end-of-life refurbishment services are included as part of a single contract. 

Our TLM customer’s end-of-contract devices are securely transported to our state-of-the-art refurbishment centres¹ to be securely wiped, cleaned, and repaired if necessary. These devices are then sold through a network of trusted trading partners and may be purchased by a new secondary user. This process potentially extends the useful life of the device and gives users the opportunity the purchase second-hand tech instead of carbon and resource-intensive new devices. 

These end-of-life services can also minimise data security exposure and General Data Protection Regulation (GDPR) non-compliance for organisations, thanks to tracked data sanitization, which is also embedded as part of the contract. 

A resilient digital future 

As procurement teams collaborate with other departments to design a resilient and future-fit IT procurement strategy, there’s a huge opportunity to make more sustainable and secure tech management business as usual. Circular technology management solutions are a win-win for CPOs focussed on managing risk, minimising supply chain disruption and securing competitive advantage. 

Ready to kick start your IT procurement strategy? Contact us today.  

¹ In some regions devices might be processed by accredited partners 

15.9 billion. That’s the number of connected devices in the world today. Technology at this scale is matched only by our dependence on it to enable our lives, support our economies, and ensure our society continues to function.  

It’s no different for businesses, for whom technology is inextricably linked to competitiveness, growth, retention, productivity, and reputation – just to name a few. 

Of course, the greater our dependence on technology, the greater our exposure to things going wrong. Organisations across the world know all too well how devasting and costly it can be when our digital systems fail. In fact, 82% of European Chief Risk Officers believe cybersecurity presents the single biggest risk to their business. 

The cost of data breaches to organisations is up 10% this year to its highest level ever, with the potential to cost an organisation millions. Data security incidents can damage reputation, customer retention, and opportunities for future business growth too, with 75% of the increase in breach costs due to lost business and post-breach response activities. 

It’s clear every organisation needs a comprehensive, end-to-end cybersecurity strategy, but what’s the best way to achieve it? 

1. Be proactive, not reactive 

74% of CEOs are concerned about their ability to minimise damage from a cyberattack and many organisations find themselves firefighting, which can be both time consuming and ineffective. 

In a recent report, the World Economic Forum criticised “the reactive nature of cybersecurity in the realm of IoT and connected devices”, highlighting it as a significant weakness for organisations hoping to protect company and customer data. 

An effective data security strategy starts at the beginning, from the point of procurement and encompasses the entire IT lifecycle, including IT asset disposition (ITAD). This means organisation must prioritise solutions that offer security by design. 

2. Start with procurement 

Circular technology management services, like our Technology Lifecycle Management solution, help organisations take a whole lifecycle approach to cybersecurity, end-to-end. Instead of owning IT assets outright, organisations acquire devices on a lease contract, which includes an asset management platform for greater control and oversight of devices while in use, as well as secure end-of-life services that keep devices secure even when they’ve been managed out of the business.  

With 40% of organisations experiencing a cybersecurity incident in the last 12 months, the truth is that every business is at risk and every part of the IT device lifecycle is exposed. From the outset, circular technology management solutions include an upfront plan to manage data not just during use but also once devices are decommissioned or no longer in use.  

3. Secure your value chain  

Today, every business is part of a complex value chain that includes supplier and partners of different sizes, capabilities, and locations. Unfortunately, this makes the data security landscape even more complex for organisations, who must now consider how to protect their data far beyond their own four walls.  

Supply chain attacks are becoming more prevalent and with 41% of organisations that have suffered a cyber incident in the past 12 months saying a third party was responsible, it’s clear a whole ecosystem approach is needed. 

Circular technology management providers help organisations to simplify their tech procurement and reduce their reliance on and exposure to multiple suppliers, by offering a whole lifecycle approach to IT management as part of one simple solution.  

4. Remember, out of sight is not out of mind 

These supply chain considerations must now extend to data protection for end-of-life devices too, as high-profile breaches prove out of sight is no longer out of mind.  

Regulators are moving quickly to address these issues, with IT asset disposition (ITAD) identified as a critical factor by the Cybersecurity and Infrastructure Security Agency (CISA), and the EU Cyber Resilience Act prioritising cybersecurity throughout the hardware and software lifecycle. 

Circular technology management services include a range of automated end-of-life services such as secure transport, refurbishment, and data erasure. This is important because it helps to create a secure chain of custody throughout the IT device lifecycle and ensure a transparent audit trail for organisations to monitor, track, and trace devices. 

Want to find out more about our end-to-end approach to data security? Contact us today.