Situation
A major bank lost a backup tape during their disposal process. When investigating the issue, it was determined that there were gaps in their data security practice associated with IT asset disposal.
Background
The bank had been using a local recycler that provided industry-standard reporting at the completion of each job. The process of working through an actual data loss event showed them that their documentation was inadequate to resolve the tape loss discrepancy. It also exposed the lack of accuracy in the reporting they received. The bank knew it needed a more secure process to dispose of equipment and was looking for a new solution.
Assessment
Our team immediately began working closely with the bank’s Data Center Manager to understand their current processes. Brass Valley created a strategy for improvement, implemented the plan, designed new policies and safeguards, and closed the gaps one by one.
Result
Pleased with the results, the bank asked Brass Valley to help it become the first in the country with an in-house managed security provider model. In its main data center, the bank allocates space for the identification of equipment, documentation, erasure and destruction. We also designed a white glove service for items that couldn’t be processed in-house, ensuring that deinstalled equipment arrives at Brass Valley through their secure logistics service. As a result, the bank minimized exposure to risk, passed audits, and was able to resell equipment.
Quote
“We have more control now…better documentation and a better defensible process that complies with regulations,” Data Center Operations Manager.
