Top tips: Improving data security across the IT device lifecycle

15.9 billion. That’s the number of connected devices in the world today. Technology at this scale is matched only by our dependence on it to enable our lives, support our economies, and ensure our society continues to function.  

It’s no different for businesses, for whom technology is inextricably linked to competitiveness, growth, retention, productivity, and reputation – just to name a few. 

Of course, the greater our dependence on technology, the greater our exposure to things going wrong. Organisations across the world know all too well how devasting and costly it can be when our digital systems fail. In fact, 82% of European Chief Risk Officers believe cybersecurity presents the single biggest risk to their business. 

The cost of data breaches to organisations is up 10% this year to its highest level ever, with the potential to cost an organisation millions. Data security incidents can damage reputation, customer retention, and opportunities for future business growth too, with 75% of the increase in breach costs due to lost business and post-breach response activities. 

It’s clear every organisation needs a comprehensive, end-to-end cybersecurity strategy, but what’s the best way to achieve it? 

1. Be proactive, not reactive 

74% of CEOs are concerned about their ability to minimise damage from a cyberattack and many organisations find themselves firefighting, which can be both time consuming and ineffective. 

In a recent report, the World Economic Forum criticised “the reactive nature of cybersecurity in the realm of IoT and connected devices”, highlighting it as a significant weakness for organisations hoping to protect company and customer data. 

An effective data security strategy starts at the beginning, from the point of procurement and encompasses the entire IT lifecycle, including IT asset disposition (ITAD). This means organisation must prioritise solutions that offer security by design. 

2. Start with procurement 

Circular technology management services, like our Technology Lifecycle Management solution, help organisations take a whole lifecycle approach to cybersecurity, end-to-end. Instead of owning IT assets outright, organisations acquire devices on a lease contract, which includes an asset management platform for greater control and oversight of devices while in use, as well as secure end-of-life services that keep devices secure even when they’ve been managed out of the business.  

With 40% of organisations experiencing a cybersecurity incident in the last 12 months, the truth is that every business is at risk and every part of the IT device lifecycle is exposed. From the outset, circular technology management solutions include an upfront plan to manage data not just during use but also once devices are decommissioned or no longer in use.  

3. Secure your value chain  

Today, every business is part of a complex value chain that includes supplier and partners of different sizes, capabilities, and locations. Unfortunately, this makes the data security landscape even more complex for organisations, who must now consider how to protect their data far beyond their own four walls.  

Supply chain attacks are becoming more prevalent and with 41% of organisations that have suffered a cyber incident in the past 12 months saying a third party was responsible, it’s clear a whole ecosystem approach is needed. 

Circular technology management providers help organisations to simplify their tech procurement and reduce their reliance on and exposure to multiple suppliers, by offering a whole lifecycle approach to IT management as part of one simple solution.  

4. Remember, out of sight is not out of mind 

These supply chain considerations must now extend to data protection for end-of-life devices too, as high-profile breaches prove out of sight is no longer out of mind.  

Regulators are moving quickly to address these issues, with IT asset disposition (ITAD) identified as a critical factor by the Cybersecurity and Infrastructure Security Agency (CISA), and the EU Cyber Resilience Act prioritising cybersecurity throughout the hardware and software lifecycle. 

Circular technology management services include a range of automated end-of-life services such as secure transport, refurbishment, and data erasure. This is important because it helps to create a secure chain of custody throughout the IT device lifecycle and ensure a transparent audit trail for organisations to monitor, track, and trace devices. 

Want to find out more about our end-to-end approach to data security? Contact us today.