On one level, IT asset disposition (ITAD) is fairly self-explanatory: Organizations run on lots and lots of hardware, software, data, and other technologies. Technology doesn’t last forever, and large enterprises, in particular, need a process for efficiently disposing of retired assets.
In the simplest sense, ITAD exists for practical reasons; It’s not like companies can just pile up old desktops and laptops in an empty conference room in perpetuity. But there are higher-order reasons for ITAD, including security, regulatory compliance, risk management, and corporate responsibility/sustainability, to name a few.
In this article, we’ll dive deeper into ITAD – what it is, why it’s important, and how it is evolving in 2023 and beyond.
What is IT Asset Disposition (ITAD)?
ITAD is a longstanding fundamental of IT operations and management. As a specific discipline within the broader practice of IT asset lifecycle management (ITAM/ITALM), ITAD encompasses the proper disposal or repurposing of IT hardware, software, data, and other technologies and equipment once it reaches its end-of-life stage. “Disposition” can take various forms, including resale or remarketing, recycling, data sanitization/data erasure, or actual IT asset disposal.
An “IT asset” includes a diverse range of technologies and information: IT hardware such as servers in a data center, networking equipment, employee laptops, and other devices, software applications, and – increasingly – massive amounts of data. It can also include a wide range of other technologies, something we’ll cover a bit later.
ITAD is essentially the process of disposing of technology in a secure, cost-effective, and sustainable manner.
Why ITAD Matters
That last item speaks (loudly) as to why ITAD continues to be so important. For starters, it is critical for cost management, procurement planning, and other needs. An effective IT asset disposal program is key to planning and forecasting new IT acquisitions and getting the best pricing, for example.
It’s also an increasingly vital part of an organization’s overall security and, in many industries, compliance. There’s an argument to be made that ITAD is more important today than ever, thanks to an ever-expanding definition list of potential “assets” that an ITAD program covers.
In the age of cloud, distributed computing models, distributed operating models (e.g., remote and hybrid work), and exponentially growing data, an organization ignores ITAD at its own peril.
What Devices and Technologies Does ITAD Cover?
ITAD can cover a wide range of hardware, software, and data, including but not limited to:
- Computers and other IT hardware, such as desktops, laptops, servers in a data center, and so forth.
- Other physical and virtual infrastructure, such as networking equipment or external hard drives.
- Mobile devices, such as phones, tablets, or the growing number of wearable or otherwise connected sensors and devices, such as a GPS device in a company vehicle.
- Software, including all manner of corporate applications and software asset management tools.
- Corporate data, and especially any sensitive data.
- A wide range of other devices and equipment, such as point-of-sale equipment in a retail setting or IoT devices in a manufacturing environment.
That list evolves regularly, too – a trend we’ll revisit below.
ITAD and Corporate Responsibility
ITAD has long been associated with data security: Long before the advent of big data, ubiquitous distributed offices, and the like, improperly disposing of hardware like desktops or laptops could lead to data breaches, leaked credentials, and other risks.
That’s as true as ever. But ITAD is also playing an outsized role in corporate responsibility and sustainability, including ESG initiatives.
That means you’re likely to hear more and more about ITAD as an enabler for things like e-waste, responsible recycling, and circular economy initiatives – especially given the sheer quantity and scale of any large enterprise’s technology portfolio.
What's Covered By ITAD Companies
ITAD providers typically offer a menu of ITAD services that can support CTOs and their teams by handling much of the operational effort and expertise needed to run an effective ITAD program. ITAD companies can provide:
- Repair/refurbishing services that extend end-of-life timelines and maximize IT investments.
- Electronics recycling and e-waste services that minimize technology waste in landfills and other environmental impacts.
- Secure remarketing and resale of hardware and other equipment for value recovery, corporate sustainability, and other purposes.
- Secure data destruction, such as data erasure of hard drives and other assets that might be reused or recycled.
- General IT asset management services.
- Expertise in regulatory compliance by both jurisdiction and industry requirements.
What’s New in ITAD
While ITAD has been around in some form for decades, it’s not a static process. That’s because IT itself isn’t static – the definition of “IT asset” has shifted and expanded in recent years, for example. It’s no longer simply a matter of tracking, managing, and disposing of on-premises assets on a corporate campus or in a data center.
“As organizations increasingly rely on transient assets, including containers and cloud instances, they must reassess their IT asset tracking procedures,” Tackett says.
Ingbretsen shares three other emerging trends CTOs and their teams should bear in mind now and in the year ahead.
- Understand how ITAD strategies are impacted by ESG reporting and other external requirements. ITAD has always been a smart business and technology practice. But it’s increasingly a required practice because it directly relates to ESG reporting requirements, regulatory and security frameworks, and more.
Ingebretsen points to the Corporate Social Responsibility (CSR) Directive in the European Union as a prime example, which mandates that large companies operating in the EU report on their environmental and social practices and impact.
“CTOs will need to implement ITAD processes that integrate CSR practices into their operations and supply chain management,” Ingebretsen says. “They will need to ensure that their processes for the disposal and recycling of electronic waste are environmentally responsible, comply with all relevant regulations, and are socially responsible in their business practices.”
This means ITAD connects not only to issues like environmental sustainability but also to issues such as workplace safety and living wage initiatives.
While CSR is specific to companies operating in the EY, Ingebretsen and other experts expect it to be part of a global wave of legislation and regulation aimed at greater corporate responsibility and sustainability.
- Know how ITAD connects to net-zero initiatives and other environmental actions. ITAD will be a crucial process for companies working toward net-zero emissions or carbon footprints, whether because of regulatory requirements or because it is a good business practice that can also optimize technology costs.
“ITAD can also help companies reduce their carbon footprint by optimizing the lifespan of IT equipment,” Ingebretsen says. “By extending the useful life of IT assets, companies can reduce the need for frequent replacements, which can significantly reduce the amount of carbon emissions associated with the production and transportation of new equipment.”
When IT asset lifecycles can’t be extended, recycling becomes key – including the ability to report on the positive impacts. “A must-have for ITAD is 2023 is reporting of the carbon savings from reuse and recycling so that CTOs can contribute to corporate sustainability reporting,” Ingebretsen says.
- Stay current on data security best practices and frameworks. Finally, it’s important to remember that because technology and data are constantly changing, the methods of securing that technology and data evolve, too. Ingebretsen notes that the NIST SP 800-88 guidelines are among the most widely adopted practices for sanitizing media. But that framework hasn’t been updated in nearly a decade, he adds, so IEEE recently released the IEEE 2883-2022 standard to bridge the gap.
“IEEE 2883-2022 provides guidelines for securely clearing data on logical and physical storage technology developed after the NIST guidelines were last revised,” Ingebretsen says.
The Bottom Line
IT asset disposition is an evolving mainstay of enterprise IT that plays a growing role in data security, corporate responsibility, and more.
Join The CTO Club newsletter for more ultimate guides and ITAD best practices.