DATA DESTRUCTION
CONTINUED
Reseller conversations When resellers are talking to customers about data destruction, there are certain things that should be highlighted. For instance, regulatory and legal obligations, such as those under GDPR, HIPAA, or industry-specific frameworks, should be noted, says Ross. “Resellers should explain the potential consequences of non-compliance, including fines and reputational damage,” he adds. “Data security and confidentiality should be emphasised, particularly when dealing with outdated or decommissioned equipment that may still contain sensitive information. It’s also important to explain the role of certifications and standards, such as NIST or ISO, and the value of receiving a certificate of destruction as proof of compliance. “They need to remind their customers that data disposal isn’t just a compliance issue – it's a core trust and competitive differentiator. Organisations demonstrating impeccable data governance increasingly gain competitive advantages.” Gavin says resellers should act more as consultants, not just solution providers. He adds that resellers should help customers take ownership of their data risks, identify specific product types and understand what they require to meet compliance, recommend solutions based on risk appetite and the potential legal exposures and regulatory impacts (and how to lower them) and offer solutions that provide full traceability and even forensic-level proof of absolute data destruction. “Emphasise that environmental impact matters too,” he adds. “Disposal can and should support sustainability by reusing or lowering the environmental impacts of processing and equipment destruction. “Also, make it clear to customers that data security compliance is not about picking a standard to adhere to or following best practices and guidelines. It helps, but it is about getting involved and choosing which path your security should follow.”
John agrees, adding: “Use domain knowledge to help steer the customer into the right decisions through advisory. So many times I’ve heard ‘my customers aren’t asking for this’, when in truth most customers don’t know that the options are available. Be pragmatic, be knowledgeable, be prepared to bring in those who know. Challenge their thinking and you may reshape the whole opportunity.” Alyssa says that organisations need to have comprehensive data governance strategies, and resellers can and should discuss this with their customers. “First, customers need to have a deeper understanding of their data, including a birds-eye view of permissioning, security exposures and more,” she says. “They can do this by using tools that perform this work automatically, generating reports that describe different levels of exposure across the organisation. “Second, when customers understand their data and where the main issues are, partners can help them to implement practical steps to do something about it. This includes eliminating or destroying outdated data and tagging and classifying data according to relevance and risk. “Once this is complete, the third step is to keep going and to perform this work on an ongoing basis. Organisations keep accumulating data, so this isn’t a one-and- done thing; it needs to continue on an ongoing basis.” n
Alyssa Blackburn program manager, information management
avepoint.com
Customers need to have a deeper understanding of their data, including a birds-eye view of permissioning, security exposures and more. “ ”
28
Powered by FlippingBook