3stepIT Annual Report 2020 design review June 18 v2 - Report - Page 22
Asset NG has given us an overview of what equipment we
have, who uses it and when to replace it. What was previously
managed in an Excel sheet is now automated so we can
access the latest information on our devices at any time.
Jesper Smedegaard Bertelsen, Head of IT Service Desk, Nobia
Information security and data protection
New refurbishing facilities in Sweden & Norway
Our approach to security includes administrative,
technical and physical controls to manage information
security risks, detect and respond to information security
incidents, and to assure business continuity.
Last year we announced that we will open a new and
modern facility in Växjö, Sweden, in 2021. The new
refurbishing centre will be a boost to the local economy,
creating new jobs and ensure many more companies
can refresh their business-critical IT responsibly and
sustainably. It will also support the growth of the used
IT market, providing our trading partners with greater
consistency and predictability on order volumes.
This year our cybersecurity program continued to further
strengthen the protection of our business and customers.
During 2020 we did not have any major data or security
incidents and our Information Security Management
System was re-certified ISO 27001 for a further three years
without any non-compliances.
We use best in class software to erase and overwrite data
during the refurbishing process (NIST 800-88 standard),
chosen to give our customers complete peace of mind. If
the software cannot run on an item of faulty equipment,
we use a robust manual process, physically shredding
hard drives or whole devices (DIN66399 standard). The
refurbishing process creates an automatic data-erasure
report for all devices. This is recorded in our asset tool to
give customers a complete data-destruction audit trail.
We also offer comprehensive training, supported by
technical security controls, to empower our people to
become informed and engaged security advocates.
Annual information security and data privacy awareness
training is mandatory for everyone and we are proud
of our 99% completion rate. We also review third party
controls to prevent security being bypassed via a supplier
3stepIT’s Chief Information
Officer, Sari Leppänen, said,
In a connected world, protecting
sensitive information is a significant
challenge for all industries. It
is particularly essential in our
business, where we are trusted
with managing business-critical IT
and secure data removal from old
devices is vital. Our team takes this
responsibility very seriously and
we’re proud of our spotless record.
3stepIT is also growing in Norway and has plans to open
a refurbishing centre in Ski. We will be renovating a 3,600
sqm premises using environmentally friendly solutions,
including the addition of a large solar plant that will
help us take another important step towards sustainable
operations. The renovated refurbishing centre is set to
open in August 2021.
The new premises will allow
3stepIT to process around
3stepIT’s Chief Remarketing
Officer, Jonas Rosqvist, said:
Our European business is growing
rapidly as more companies look
for way to responsibly acquire,
manage and refresh IT devices.
Our refurbishing capacity is a
big part of our scalable business
strategy. We needed new locations
to handle a large volume of
devices, but that also met our
tough sustainability criteria.
devices each year.
During 2020 we did not have any
major data or security incidents.