$8.64 million. That is the average cost to recover after your company suffers a data breach. 

The culprit? It may be corporate IT assets—such as laptops, tablets, and smartphones—that have been retired, lost, or stored away to collect dust. 

Devices like these access valuable corporate data and can pose a threat to your company’s networks if unsecured. 

Any endpoint connected to your network could be the reason your company faces a breach. 

But it would never happen to you, right?

Data Breaches Are Real. They Can Happen To Anybody.

More than 40% of data breaches trace back to lost devices like laptops, tablets, and smartphones. Devices can also be resold to someone outside your organization, leaving your company at risk more than you can imagine. 

In 2021, the Data Breach Investigations Report (DBIR) team analyzed 23,896 security incidents, of which 5,212 were confirmed data breaches.

Data breaches can happen to any company in any sector—finance, government, health, IT, legal, social media—data breaches do not discriminate. For example:

  • Robinhood, a stock trading and investing app, recently lost 5 million records due to a social engineering attack on a customer service representative, where a hacker gained access to the company’s customer support systems.

  • Even the Dutch Government experienced a data breach when two hard drives went missing, which contained contact information, ID numbers, and signatures of 6.9 million registered organ donors. 

Failing to correctly prepare and take the right steps to prevent a data breach could put you in a situation where you don’t have the time, money, or resources to recover. Develop a plan for your company’s retired mobile devices now—it’s easier than you think

How To Strengthen Your Mobile Security Posture 

There are many precautions organizations can take to mitigate the likelihood of a data breach. One of the most critical steps is ensuring the destruction of valuable company data from retired corporate-issued devices meeting the most rigorous standards—NIST 800–88.

Data destruction is the process of destroying data stored on forms of electronic media—like tapes and hard drive disks—so that it’s illegible and cannot be accessed or used for unauthorized purposes.

NIST 800–88 is the most recommended level of data destruction in the industry and refers to the National Institute for Standards and Technology guidelines for media sanitization.

The ​​NIST 800–88 data destruction process is more secure than a device factory reset and takes your company data security to the next level, protecting your organization, employees, and customers.

Companies should also require IT service providers—such as IT asset recovery and disposition vendors—to provide a clean SOC 2 Type 2 attestation report when working with them.

SOC 2 Type 2 refers to the System and Organization Controls guidelines set forth by the American Institute of Certified Public Accountants (AICPA) and is a report that examines an organization’s internal security controls to help companies determine whether third-party service providers can securely manage and protect customer data. 

A clean SOC 2 Type 2 report assures your IT and business leaders that third-party service providers—like Mobile reCell—have adequate security standards in place around infrastructure, software, people, and processes for the protection and privacy of your company’s sensitive data.

Mobile reCell is currently undergoing an active SOC 2 Type 2 audit. A current SSAE 18 SOC 2 report and attestations of compliance will be available upon request once initial audits are complete.

Companies deploying devices to their users need a mobile device recovery solution that complies with data destruction at NIST 800–88 standards. The process needs to be automated, certified, and fully transparent. A software-driven solution tailored for your company is the best plan you can have.

How Mobile reCell’s Solution Reduces The Risk Of A Data Breach

Mobile reCell provides the go-to software-driven solution for corporate-owned IT asset recovery. We offer a software-driven, automated process that follows, verifies, and certifies NIST 800–88 standards for data destruction. 

Our proprietary software provides visibility and detailed reporting through the entire device recovery process—device shipment tracking, functionality testing, NIST 800–88-compliant data destruction, cosmetic condition grading, and reselling or recycling.

Follow us on social media!

See Mobile reCell’s Recovery Platform in action.