Infotheek Data Erasure | Blancco Case Study

Until recently, there had been little emphasis around the importance of securely wiping data from end-of-life IT assets. It was widely believed that reformatting drives or performing a factory reset on mobile devices were adequate and reliable methods to permanently erase data when IT equipment reached their end-of-life. However, these data removal methods are not sufficient and leave residual data easily accessible and susceptible for loss/theft. As a result, individuals and businesses risked both highly confidential personal and corporate data being recovered from end-of- life devices. More recently, tighter regulations around data protection, such as the introduction of Europe’s General Data Protection Regulation, have meant increased pressure on IT Asset Disposition providers to provide secure erasure solutions to meet their clients’ privacy requirements.

With over 8,000 customers across 12 countries and revenues topping €300 million, Infotheek is one of the largest European IT suppliers for IT hardware, software and services. It offers customers the opportunity to reduce the impact on the environment, thus renewing its commitment to corporate social responsibility. In its state-of-the-art European Distribution Center in the Netherlands, Infotheek offers their customers a unique and fully ISO-certified (ISO9001/ISO14001/ISO27001) Asset Recovery Process. Every aspect of the process is covered, including onsite packing, shipping, registration, data erasure, audit, refurbishment and remarketing. These services are offered across the whole of Europe.

Highlights

  • 67% of used HDDs and SSDs hold personally identifiable information*
  • 38% increase in the average number of data security incidents in 2014**
  • $2.5 million in average total financial losses due to security incidents**

* Blancco, The Leftovers: A Data Recovery Study, 2016
** PwC Global State of Information Security, 2016

Challenge

Infotheek was faced with two challenges. The first was that many of its clients were required to erase data from devices using a fully certified erasure method compliant with globally recognized standards, such as HMG Infosec 5. The second challenge was how to increase their competitive advantage in a saturated market by providing a solution that both securely erased multiple devices and provided customers with proof of erasure for a complete audit trail. In order to securely wipe data from a high volume and wide range of IT assets including laptops, PCs, storage media and mobile devices, Infotheek required a holistic data erasure management approach.

Solution

Due to the company’s large size and distributed workforce, it was important that they could perform data erasure activities and due diligence both locally and remotely. That’s where Blancco Management Console proved to be perfect for the job. Blancco Management Console, a cloud- based erasure management portal, added even more speed, flexibility and scalability to the business’ operations without requiring additional internal infrastructure or resources for deployment. In addition, Management Console provided a centralized point of view of all data erasure licenses and the ability to create and modify users, monitor activities and collect certified audit reports.

Results

Over 100,000 IT assets erased every year. Increased trust among citizens. Mitigated risk of high-value data leaks.

“Integrating the use of Blancco in our IT Asset Recovery Services has added reliability and security to our demanding process requirements. We have been able to win some substantial RFP’s where the use of Blancco, including full reporting and certificates, was an important requirement.”

Tom van Leuven, Manager, ITAD & Remarketing, Infotheek

About Blancco

As the de facto standard in data erasure, Blancco provides thousands of organizations with an absolute line of defense against costly security breaches, as well as verification of regulatory compliance through a 100% tamper-proof audit trail. Our data erasure solutions have been tested, certified, approved and recommended by 18 governing bodies around the world. No other security firm can boast this level of compliance with the most rigorous requirements set by government agencies, legal authorities and independent testing laboratories.