The embodied carbon of your electronic equipment is the sum total of the energy required to manufacture a product. You can better understand the full environmental impact of your purchases by understanding this. Below, you can find out how embodied carbon can be calculated and what it means for the environment.

When talking about the environmental impact of our daily commute, we only talk about the carbon emitted from our car’s exhaust pipe. Likewise, we talk about how the switch to electric cars would reduce the carbon emissions from our commute. However, this only takes into account the operational carbon emissions from the fuel used to power our cars. We don’t consider the carbon emissions from the manufacturing plants for both types of car. And what about the energy needed to mine and refine the raw materials? This is what we call embodied carbon. This can alter the way we think about the environmental impact of our purchases.

Embodied Carbon, sometimes known as Embedded Carbon, is a calculation of the carbon emissions from the manufacturing process. Ultimately, this means that there are other factors to the carbon emissions that come from your purchases. For example, the amount of tantalum required for 1,000 printed circuit boards creates 301.6kg of greenhouse gases (CO2-eq). Each of these printed circuit boards would be used in a PC, which adds to the carbon footprint of the final product. Therefore, the full environmental impact of your PC goes beyond its energy use. If you sum together the footprint of each component, you will have the material footprint of one PC. Multiply this out for a suite of 2,000 PCs and laptops and you can begin the see the full impact of your IT suite on the environment. Is there a way to limit this environmental impact?

Once a PC or laptop has been manufactured and distributed, the majority of its carbon footprint has already been accounted for. This is the energy from the material mining, the manufacturing process, and the delivery to your facility. You begin to add to that material footprint through the energy required to run them. Many companies have realised that they can lower their operational carbon emissions by making some key changes. These changes include using renewable energy or switching machines off when not in use.

However, you can still make the most of the energy used to manufacture the product. You can do this by re-using the product itself or any of its composite parts. This gives these materials a second lease of life and reduces the material footprint of new products. Additionally, using second-hand IT lowers the material footprint of your IT estate as these products have an extended lifetime.

Calculating the total embodied carbon of a PC or laptop is not easy. Due to the number of different materials and components in these devices, keeping track of the carbon emissions for everything can be tricky. Therefore, getting the most accurate result would require a database of each different element with their specific carbon footprint. However, this would be very difficult to achieve. Alternatively, manufacturers will provide a breakdown of the key carbon footprint of each aspect of a PC. For example, the table below shows the values for a Dell Optilex 7760 All-in-One Desktop:

With this knowledge of the material footprint of your IT, you can begin to lower the environmental impact of your IT estate. Firstly, by extending the use period of these devices you could lower the overall impact of a PC or laptop. This is because over half of the carbon footprint of a device comes from the initial manufacturing rather than the use. This means that switching to renewable energy only tackles a small proportion of the problem. Extending the lifecycle of these PCs would flip this on its head. Using a PC over a period of 8 years would cause approximately 1,000 kg CO2-eq compared to using a PC over 4 years causing 720 kg CO2-eq.

Keeping track of the carbon footprint of a device over its lifetime remains difficult. This is particularly true when the product has been repaired using new components. Introducing a Digital Product Passport could be the solution to this problem. This would create a centralised bank of information for each device. This information would include the carbon footprint of each component within the device. By using this technology, you would be able to understand the full extent of the embodied carbon in your devices at the touch of a button.

Are you upgrading your IT and thinking “what do I do with my old IT equipment”? Or do you have old IT taking up valuable space as you move back into the office? A quick Google search will produce a long list of IT Asset Disposal (ITAD) companies ready to take control of your end-of-life IT. But how do you know which of them to trust? What makes one ITAD better than another?

Your IT holds valuable, confidential information about your business, your employees, and your customers. Ensuring that it is disposed of through the right channels is vital. Keeping your data secure is essential and failure to do so can have some severe consequences. That makes choosing the right partner to dispose of your old IT a difficult choice. Make sure that you are making an informed choice by following these simple steps.

Before we dive into picking an ITAD partner, we need to know what an ITAD is. ITAD stands for Information Technology Asset Disposal. Simply put, ITAD is the process of disposing of your IT equipment in a secure and environmentally safe way. While you may have processes in place to protect your data on your servers, it is just as important to protect your end-of-life assets. Therefore, ITAD firms are the final line of defence for your IT equipment and your cybersecurity.

ITAD companies have several processes for disposing of your IT assets. ITAD firms provide solutions for hard drive shredding, recycling in line with the WEEE directive, and secure data erasure, helping businesses when they upgrade their IT suite by providing a secure channel to dispose of their IT.

When choosing to trust a new partner to manage your IT Assets and Confidential Data, you face a dilemma.  How do you know you’re making the right decision?  What criteria, industry guidance or performance measures do you work from, to ensure your decision is solid?

Tips for what to look out for when choosing an ITAD partner are:

• Accreditations
• Expertise
• Price
• Environmental Policy
• Traceability and Transparency
• Security Practices

Before we dive into picking an ITAD partner, we need to know what it is. ITAD stands for Information Technology Asset Disposal. Simply put, ITAD is the process of disposing of your IT equipment in a secure and environmentally safe way. ITAD firms will take your end-of-life IT and ensure that it is safely disposed of.

ITAD companies have several processes for disposing of your IT assets. ITAD firms provide solutions for hard drive shredding, recycling in line with the WEEE directive, and secure data erasure. ITAD companies help businesses when they upgrade their IT suite by providing a secure channel to dispose of their IT.

One of the first things that you want to know about an ITAD partner is if they have the relevant accreditations. These accreditations mean that the ITAD firm has been audited and vetted to meet industry standards set by experts.

Here is a list of some of the key accreditations to look out for:

• ISO 9001 – setting out the criteria for a quality management system. This includes a focus on the customer and internal audit processes for continual improvement.
• ISO 27001 – this standard sets out the processes for managing information security. As disposal companies deal with your confidential data, it is essential that they have this accreditation.
• Blancco partner – Blancco is the market-leading data erasure software and is approved by the National Cyber Security Centre. Ensure that your ITAD partner is using this best-in-class software.

These accreditations give you peace of mind that your partner is up to the highest standard. Make sure that these are still up to date and are visible on their website to give yourself peace of mind that you are working with an expert.

On top of having all the relevant certifications, you can trust an ITAD firm that has years of expertise under their belt. Companies with a long history in the industry will have better connections for reselling your IT equipment, more efficient processes for collecting and disposing of your IT and have a superior understanding of your needs. Remember, there is a reason that these companies have been around for so long. You should be aware of the company’s track record, if there is any uncertainty you should avoid these companies. Moreover, you should ensure that your ITAD partner can provide you with certifications on the topics of erasure and recycling electronic devices securely.

Governmental regulations are constantly changing, so make sure you are working with an ITAD that has a strong knowledge of the market and who remains aware of these changes as they happen.

Make sure that you unlock the value in your end-of-life IT. Most of your IT equipment will have re-sale value in the secondary market. Any ITAD firm worth their weight will have a financial rebate policy whereby they will return some of their profit back to you.

Additionally, some firms will offer you the opportunity to donate your old IT equipment to a charity or organisation of your choice. These services allow you to improve your corporate social responsibility practices using assets you already own. Building your corporate image can become even easier as ITADs take care of every step, from collection of your assets, to delivering them to the organisation of your choice.

Environmental reporting is one of the most important aspects of modern business. Working with a partner that understands the importance of this is therefore essential. Choose an ITAD company that follows a zero-landfill policy. This gives you peace of mind that your waste IT has been recycled properly in line with the WEEE directive.

To guarantee that your IT is being handled as you expect it to be, make sure that your ITAD partner is transparent about their practices. This means making sure that you have access to a suite of reporting to follow the full chain-of-custody of your data-bearing assets.

Ensuring that every step throughout the ITAD process is fully documented with certificates for both the destruction and wiping of drives helps to maintain security throughout your supply chain. Be aware of the software being used by your ITAD. The company should be using highly credible software such as the world leading Blancco overwriting software.

Remember that your end-of-life IT houses valuable data for your business. Therefore, you should choose a partner that follows strict security practices throughout the process. This could include having unmarked, GPS-tracked vehicles that collect your assets to ensure they are safe at all times. It could also include having secure holding facilities for your assets prior to the data wiping process. Think about what level of security you expect with your current IT assets and make sure that your ITAD partner aligns with those standards.

It is important to choose the right ITAD partner for your company as you do not want any of your secure data to get leaked or not processed in the correct format.  You want to be confident that your ITAD partner can provide you with the exact processes and audit trails that your equipment has went through until the end process e.g., re-used, recycled etc.

If your data is not disposed of through the proper channels, it could cost you £17.5 million or 4% of your annual turnover. Not to mention that your reputation as a credible brand could be tarnished following one of these incidents. Ensuring that your data is disposed of correctly is key to keeping your business safe.

At Re-Tek Limited we provide a wide portfolio of offerings to our customers. As previously stated, we have all of the main, important accreditations that allow us to do our work securely and effectively, which is GDPR aligning. Services that we offer include:

• Secure data erasure
• IT asset re-sale and reporting
• WEEE Recycling, which is wiped to NCSC standards
• Secure Shredding
• Decommissioning

The key to keeping your data safe is making sure that it does not fall into the wrong hands. A strong password is the first step when it comes to stopping people from stealing your confidential information. If your password is not strong enough, hackers can easily get into your system to steal your personal data. Make sure that your passwords are changed regularly to keep your systems safe.

There are several methods that hackers will use to try and access your system. Understanding these methods will help you to protect against them. This will give you an insight into what the main threats are to your cyber security.

• Brute Force Attacking – Hackers will try to crack your password by guessing. They will therefore try generic passwords first to try and gain access to your system. Examples of generic passwords include ‘Password1’ or passwords that contain personal information, such as your name or your company. Most of these attacks use automated processes to attempt different combinations of words and numbers. Ensure that your passwords are difficult to guess to keep your data safe.
• Dictionary Attack – This is very similar to a brute force attack as hackers will try to guess your password. However, instead of trying common passwords, they try a much larger selection of words. Effectively, hackers will run a system which tries random combinations of common words or phrases. Therefore, passwords with common phrases are high risk. Make sure that your passwords are unique so that they are much harder to crack.
• Phishing Scams – The most common type of cyber-attack, phishing scams usually take the form of emails sent to employees. This usually involves an unverified link or document. These links typically contain malware which will infect your system. Clicking on a link or document gives hackers a backdoor entrance to your internal systems and data.

In order to keep your data safe from hackers, it is essential that your employees use strong passwords. Since hackers will often try a series of common words and phrases, passwords should not be overly simple. This means making sure that passwords contain a mixture of upper- and lower-case letters, numbers, and symbols. This will protect you against the two most common types of attacks: brute force and dictionary attacks. Encourage your employees to set longer passwords as these are much harder to crack. Have an internal password policy to ensure that everyone is setting strong passwords.

Adding an extra step to your security process can save your data. Where possible, use two-factor authentication. Most services offer this as standard, including Google and Microsoft. It works by sending a text to your personal mobile when a new device signs into your account. Two-factor authentication means that even if hackers manage to crack your password, they will not be able to access your private information. Use password managers to avoid data leaks. Password managers allow you to use much stronger passwords without having to remember them. Once you log in to a password manager, you will have access to all of your passwords for your websites and subscriptions. Most password managers will provide suggestions for strong passwords when you sign up to a new website. Google has now built this into their service which helps improve your cyber security.

Your employees are most at risk of giving away sensitive information about your company. Proper training is key to stopping your employees from leaking your data. Ensuring that everyone at your company understands the threats to your cyber security is therefore vital. Make sure to train your employees throughout the year. In particular, make sure your employees are aware of any new cyber threats as they are uncovered.  This could include new phishing scams which are one of the biggest threats to the security of your data.

All companies will have to face phishing emails on an almost daily basis. Here are some of the warning signs to look out for:

• Abnormal email addresses – Avoid clicking on any links from unfamiliar email domains. If you do not recognize the sender, do not open the link. An unfamiliar email domain is the biggest red flag that you have received a phishing email.
• Spelling and Grammar Mistakes – Be aware of emails that contain typos or poor grammar. If an email seems to come from a reputable company but is littered with these errors, it is likely a phishing email. Additionally, be conscious of the formatting used in the email. If you receive an email that differs from emails you have previously received from a company, report it to your IT manager. Hackers will likely slip up in this area and follow a different style to the company they are impersonating.
• Strange Openers – Most of the time emails will open with a personalized greeting when sent to your private email. For example, most emails will begin “Good Morning Mr Smith” or “Hello John”. Typically, phishing emails will be sent to a large database of people. This means that emails will not be personalized to you. Therefore, if an email begins with a more generic greeting, be wary. Avoid clicking on links in emails that begin “Dear Sir/Madam” unless you recognize and trust the email address.
• Double Check Link URLs – Before you click on a link, check that it comes from a trusted domain. For example, if you receive a link to a company website, make sure that the URL matches the company name. If you are ever in any doubt, do not click on the link.

As stated before, your people are one of the biggest risks to your cyber security. Therefore, you should restrict access to certain documents and folders on your servers. By restricting access to these files, you ensure that your data does not fall into the wrong hands. This means that your employees cannot gain access to confidential information that does not relate to their job role. This is important as it limits the volume of information available to hackers in the event of a cyber-attack.

In addition to limiting access to certain files, ensure that you are tracking who accesses each document. This can provide you with insight into any potential data breaches. Using file auditing software allows you to monitor any unusual behavior in your internal systems. In the unfortunate event that you are victim of a cyber-attack, tracking your files can help you figure out which accounts have been breached. This will also help you to determine what information has been compromised.

Ensure that your data is backed up regularly. In the event of a cyber-attack, you will still have vital information that you need to continue with business as usual. Cloud-based solutions are the most efficient solution for this. These allow you to back up your data regularly and efficiently. Backing up your data also helps in the event of a systems failure.

With working from home (WFH) becoming the standard for a lot of organisations, it is important to understand the potential risks that come with this new style of working. Ensuring that you protect the privacy of your employees while they work at home is essential.

Firstly, you should ensure that your employees connect to your servers using a Virtual Private Network (VPN). This makes sure that their connection to the internet is secure. VPNs provide a more secure, encrypted connection for your employees, keeping your data safe. Also, make sure that confidential information is not being shared with other members of the household. Remember, information should be on a need-to-know basis.

The previous tips have looked at protecting data on your active IT equipment. However, it is equally important to ensure that your data is erased when you dispose of your IT equipment. Therefore, you must securely erase any traces of your data from your IT equipment at the end of its use. IT Asset Disposal companies, or ITADs, provide these services or you. ITADs will securely erase your data in one of two ways.

Firstly, using government-certified data erasure software known as Blancco, ITADs can securely wipe your data from a hard drive. This software erases every sector of your hard drive to ensure that all of your confidential information is removed.

Secondly, ITADs can shred your Hard Drives. Using government-approved hard drive shredders, ITADs are able to shred your data-bearing assets down to as little as a 6mm shred size. This makes it impossible for anyone to recover data from your old hard drive.

Although you may be finished with a laptop or PC, others may be interested in gathering the private information stored on them. Therefore, it is essential that all data is erased from a device. If residual data remains on a device, hackers could begin to piece this together. For example, one saved password on a laptop could compromise your entire future IT estate. Therefore, it is vital to your cyber security that you take care of your end-of-life IT assets.