Many organizations are modifying their policies to provide permanent remote work options for their workforce. One critical area of operations impacted is the on-premise data center, as the move to remote work hampers the constant maintenance that on-site centers require. Fredrik Forslund, VP of enterprise and cloud erasure solutions, Blancco, discusses the expedited shift from the on-prem model to the public cloud and explains four considerations for enterprises when embarking upon the process of data center decommissioning.
Today, many organizations are reconsidering their operational policies as millions of U.S. workers continue to work from home since pandemic-driven office closures began in March 2020. A growing number of global enterprises, including Microsoft, Morgan Stanley, and Facebook, have stated or implied that they will modify their policies to provide permanent remote work options for their workforce. The sudden pivot to remote operations that was initially viewed as temporary is now becoming the norm.Â
One critical operations area impacted by this trend is the on-premise data center. Lockdowns and social distancing policies have limited the ability to perform the constant maintenance that on-site centers require. This has driven interest from companies to shift from the on-prem model to the public cloud. According to Flexera’s 2020 State of the Cloud reportOpens a new window , more than 50% of enterprise workloads and data are expected to be in a public cloud within 12 months, and 59% of enterprises expect cloud usage to exceed prior plans due to COVID-19.
The accelerated move to the cloud has also increased the demand for data center decommissioningOpens a new window . Projects that have been on hold or scheduled to take place over months are instead being planned to happen over several weeks.Â
What’s important to remember, especially with accelerated timelines, is that decommissioning a data center is a lot more complicated than shutting down servers and switches. Many assets in the decommissioning process will inevitably bear sensitive data that could potentially be breached.Â
When embarking upon the process of data center decommissioning, organizations should be mindful of the following four key considerations:
Data Risks Don’t Cease When Moving Data To the Cloud
While the cloud provider manages and has accountability for the security of its infrastructure, the primary responsibility and liability for data in the cloud falls on the organization that collects, stores, uses, and shares the data. This responsibility covers the full lifecycle of data, including data migrations from physical data centers to the cloud.Â
Many organizations often end up with outdated IT equipment sitting idly in their data centers — 80% of large enterprise IT decision-makers admitted to accumulating old assets in a surveyOpens a new window by Blancco and Coleman Parks last year. What’s more, three of four respondents confessed that a quarter of their RMA drives stored onsite were only there because the IT staff weren’t following the required processes to return them to the manufacturer.Â
Unfortunately, many organizations fail to recognize that once the migration is complete, and a data center is de-commissioned, corporate data likely still remains on the retired hardware assets.Â
Learn More: Benefits of an Enterprise Low-Code Platform for Manufacturers
Beware of Cloud Providers That Lack a Well-Documented Data Management Process
Before choosing and moving data to a cloud environment, an organization should fully investigate the cloud provider’s capabilities and processes for meeting data privacy regulations. The GDPR, for example, mandates that the data controller (data owner) needs to verify that the data processor (external cloud provider, for example) has the right security measures in place.Â
What happens if you need to do a partial or complete cloud exit from a specific provider? Are they able upon request to securely locate, extract, and remove specific data with an auditable trail? Moving data to the cloud does not relieve an organization of this responsibility. Remember, not all clouds have the same policies and asset- or data-management processes in place.Â
When moving data to the cloud, an organization must verify by reviewing the provider’s documented process that the process includes a full record and audit trail of all the data stored with the provider, as well as a data exit clause.
Establish Clear Ownership for the Decommissioning and Data Migration Processes
All organizations must entertain the possibility of a lack of understanding about how data remains a liability on decommissioned assets. Hence, it is imperative to designate a qualified individual, such as a data protection officerOpens a new window , to take responsibility for the processes of migrating data to the cloud and decommissioning of a data center.Â
To alleviate the potential for major liability from a data breach or leak, this person should be charged with identifying and documenting risks, ownership, and team roles across the data center decommissioning and cloud migration process. This will also provide complete clarity throughout the process regarding who to go to with questions or concerns about security, compliance, and other issues that may arise.Â
Learn More: Moulding AI To Shape the Future of Business
Recycle Rather Than Destroy
When decommissioning a data center, organizations must determine what to do with old IT equipment. Often, the hardware is physically destroyed to prevent sensitive data from being recovered and used for malicious purposes. For example, recent Blancco researchOpens a new window revealed that over a third of the world’s largest organizations physically destroy outdated IT equipment because they believe it is “better for the environment.â€Â
Furthermore, despite 83% of the world’s largest organizations having a Corporate Social Responsibility (CSR) policy in place, three-quarters do not recycle/reuse their end-of-life equipment at all. This is unfortunate because this method of disposal contributes to a growing e-waste problem globally.Â
According to the World Economic Forum, thousands of tons of e-waste are shipped worldwide to be processed by the world’s poorest workers. This creates pollution as well as hazardous conditions for those workers. When decommissioning a data center, organizations should consider recycling from a CSR perspective and the potential financial benefits of recycling, as some organizations offer incentives, such as carbon credits.
The changes brought about by COVID-19 as well as better data security and protection, scalability, increased collaboration, lower IT costs, and other reasons have more organizations than ever moving their data to the cloud and decommissioning data centers.Â
To ensure a smooth and streamlined journey, organizations must leverage best practices that address data security, data management, and CSR. Doing so will ensure that they meet regulatory requirements for data protection and privacy and safeguard their reputations and future activities.Â
Let us know if you liked this article on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!