A new year is a time for beginnings. Companies start to cement their big projects, new hires are debated, budgets are drawn and hardware is upgraded. This last part of the new year turnover likely receives the smallest share of attention but is arguably the most important. Every stage of hardware upgrading is crucial.

First, companies want to be sure that they are choosing supported, well made products as the entire productivity chain depends on machines working when they're supposed to. However, the new hardware is not the only important aspect of the equation. Every piece of replaced equipment that contains data is also crucial.

Picture the quintessential safe. It is a metal box with some form of lock securely fastened over the door to prevent unauthorized entry. That is every piece of hardware in the office that contains data. And in the office, that lock might be enough. After all, there are people in sight who can watch the safe and every now and then the lock can be replaced with a better one.

However, if this safe is just thrown away without being emptied then suddenly all the pressure is on that lock. Any would-be thief who discovers it will be limited only by his or her patience. Even the best safeguard will eventually be cracked. Keep this in mind when deciding to replace hardware. The safe must first be opened and emptied before it is disposed of. With data more valuable than ever in 2018, it is best to decommission devices thoroughly. 

Knowing which hardware to replace
Not every year needs to be a clean slate in terms of office hardware. Most computers, printers and copiers are designed to work for at least half a decade before an upgrade becomes a priority. The most obvious factor in determining which hardware needs to be replaced still remains "which hardware no longer works properly?".

However, Internet of Things-enabled devices allow for a more versatile network that provides more data. Companies can use this information to help determine the ideal replacement time for a device. For example, if an organization has a printer than can last until November – but November is the month that sees the highest use percentage – it may be better to replace that machine by May. This will allow for proper installation and training before the device is seriously needed.

The other factor that should dictate hardware upgrades is software. After a certain point, old hardware stops working well with newer software. New hardware can also facilitate a pricey software upgrade that may fall beyond budget parameters. Microsoft unveiled in early 2016 that its processors going forward will now be designed to only support a Windows 10 operating system and beyond.

Supporting a modern OS is important as older software tends to be more prone to cyberattack. An article from TechGenix indicated that Microsoft ceased support for Windows XP in 2014. However, as of 2016, more than 10 percent of companies still used the XP OS. Any breach discovered in the OS after Microsoft halted support is still exploitable. This means that hardware that can only run Windows XP must be upgraded immediately.

Phones and tablets also need to be periodically upgraded. Remember that even a private smartphone can contain company data.

"The Proton T-4 utilizes dual magnetic charges to ensure a complete degauss."

The proper disposal method for traditional PCs
Once a company has identified which machines must be replaced, they cannot simply be thrown away. Older computers tend to have hard disk drives. This is also true of many servers.

HDDs work by recording material onto a magnetic disk. The data is then read from the disk and used to complete various tasks. Since the drive operates on magnetic fields, altering this field will render the device unreadable. However, not every magnet works in this scenario. PC Magazine reported that older hard drives needed a concentrated permanent magnetic pulse powered by a 115 volt current.

Newer HDDs are more secure and require more disruption to degauss the hard drive. A more modern NSA-listed degausser like the Proton T-4 utilizes dual magnetic charges to ensure a complete degauss of modern hard drives, even those large enough to store eight terabytes of data. When choosing a hard drive degausser, it is important to choose a quality product. An incomplete degaussing will leave the hard drive still readable and allow foreign agents to access classified data. 

Disposal methods for SSDs and flash media 
However, devices today can store data using other methods. Solid state drives, fusion drives and other flash media can be used to hold confidential information. Since fusion drives rely partly on a HDD, a degausser will still be partly effective. That said, SSDs and flash media do not  use magnetics and cannot be rendered unreadable through degaussing.

SSDs and most forms of flash media are circuit-based. While this data can be deleted or wiped, often times this is not a permanent solution. Deleting the data does not in fact delete the data itself but rather the computer's map to it. The data space is no longer reserved and can be overwritten but is not immediately gone. A skilled person can find and reinstall whatever has been recently deleted.

A more secure procedure is to rewrite the data multiple times. However even this is not a 100 percent effective solution. Data stored on flash media and SSDs must be destroyed and shredded. The ideal item is one that has been tested for proven data destruction efficiency.  The Proton PDS 105 Multimedia Shredder is specially designed to destroy various kinds of data storage. It is fully compliant with NIST, HIPAA, FACTA and PCI regulations.

SD cards are small and can be overlooked. However, any with sensitive information should be shredded and destroyed.

Destroying data in-house
Many third parties offer data destruction as part of IT support services. Despite however reputable these providers may be, there is always added risk in this endeavor. To recall the safe analogy, a company that contracts with a third party is still sending its full safe off of corporate grounds and expecting it to be properly destroyed.

If the provider fails and the data escapes, it will be a long time – if ever – before the company knows what has happened. The most completely secure method is to thoroughly destroy data in-house with tested, approved hardware.

Cybercrime is on the rise and the number of individuals who know how to retrieve data continues to grow. In order to make 2018 a completely secure year, companies should quickly identify which hardware needs to be decommissioned and conduct a thorough data sanitization process.