Data Security

Comprehensive data security in IT asset disposition

Data security is the single most important aspect of any IT asset disposition program.

Each PC, laptop, server, storage system, or mobile device retired poses a potential data security risk, presenting an opportunity for sensitive personal and corporate information to be compromised. Monetary fines and damage to brand equity can quickly mount, costing organizations millions of dollars. That’s why risk-sensitive companies turn to Arrow to manage the proper retirement of IT assets.

The data an organization collects and stores must be handled with the utmost care, both on network and off network. In fact, once an IT asset is removed from the organization’s network, its data no longer resides within the protection of network or firewall security and is at higher risk for loss.

To protect our clients’ brand reputation, Arrow holds numerous certifications and performs proven processes to protect data-bearing devices during the IT asset disposition process. We have assembled a global cross-functional team that includes experts from our quality, compliance, security, engineering, and operations teams. We apply the most current sanitization methods available to ensure complete erasure of all data-bearing devices. And as a leader in the industry, Arrow is constantly pursuing and implementing the latest sanitization technology available in order to provide the most comprehensive brand protection to our customers.

Data Erasure and Sanitization

All data erasure is done in strict accordance with NIST SP 800-88 standards at our ISO 9001- and ISO 14001-certified facilities. Our data-erasure labs use the most technologically advanced equipment and processes in order to ensure that data-bearing equipment is properly sanitized and erased to the most stringent global standards.

To ensure the highest level of quality, all asset types are separated and erased according to their unique requirements. All assets are system audited for successful erasure, with random samples removed for further stand-alone compliance audits. If a device is nonfunctional or cannot be successfully sanitized, it will be destroyed to prevent any data exposure. Our data overwrite process is audited on a daily basis to ensure compliance and quality, and certificates of erasure and destruction are issued for your permanent records.

With reuse as our goal, we focus on retaining the residual value for all client devices. Once data is fully erased, devices may be remarketed through our robust global network. If remarketing is not an option, we ensure that drives are properly destroyed through our secure destruction process.

SSD – Solid-State Drives

SSDs can be successfully erased in order to promote reuse and provide customers with maximum residual value. These devices are erased in compliance with NIST 800-88 standards and backed by third-party forensic analysis.

Key benefits of SSD erasure:

  • Increased equipment value
  • Improved client satisfaction
  • Standardized solution for all global AVR clients
  • Lab-verified data sanitization solution

Mobile Devices

Mobile devices have a much shorter life span and require different data security processes than standard desktops and laptops require. Arrow provides the most current sanitization methods available to ensure the erasure of data on mobile devices.

Onsite IT Asset Disposition

For the highest level of data security, all our data destruction and erasure services can be performed on-site, at the customers’ location.


When erasure of hard drives and data devices is not secure enough, Arrow offers extreme data protection by destroying and shredding disk drives in accordance with strict requirements. All shredded particles are properly recycled.

Hard-drive shredding usually occurs in highly regulated markets where optimal data security is a necessity. Drives designated for destruction are shredded into small particles, then properly recycled in an environmentally compliant manner.

With your company’s security and reputation at stake, take every measure possible to ensure that devices containing sensitive data are properly handled and data is thoroughly destroyed.

For more information, contact us.

Know Your Regulations

Every country has, or is developing, data security regulations. Each U.S. state has a unique set of standards, and the federal government is developing overarching legislation. Canada and European countries have their own laws as well. Arrow’s global compliance policy ensures that our processes meet the minimum standards of all relevant data security regulation. So no matter where your assets reside, your data — and your brand — will be protected.

Arrow helps companies keep in compliance with the following regulations and more:

  • HiTech
  • PCI
  • Gramm-Leach-Bliley Act
  • European Union Data Protection Directive