Tuesday, June 18, 2013

The data conspiracy

When we think about IT security, we think of hackers, phishing, not giving out our passwords to anyone (which we almost always do), and passwords of more than 8 characters, in UPPER CASE, lower case and $ymbol$.

However, there's one thing that companies always overlook - data security. Yes, I know, almost all companies make sure they protect their data through encryption, passwords, etc.

But let's look at this example: disposal of computers. Let's say company A is disposing of its old computers, and let's face it, no sane CTO will let their own guys do it. It takes too much time to pop (in geek speak, degauss) their thousands of hard disks. They will instead outsource this troublesome, time-consuming, snail racing activity and let a vendor handle it. Now we have a third party involved.

Just imagine: all it takes is one person who decides, "Hey, this PC still looks like new, let me bring it home", and whatever measures you've put in place - BAM! All gone. In your inventory, it looks okay, but the data is residing at someone's home. Just by connecting the PC to the internet and installing a suspicious programme, all your data could very well be in the hands of a malicious user.

This can be a very common scenario, and there are simple ways to avoid the problem, such as making sure the hard disks are wiped before the PCs are moved out, or even separating the PCs from the hard disks and letting two separate vendors handle them.

Let's not take data/IT security lightly. There are many links in the process chain that are easily overlooked. Make sure your firm can protect its assets and data well.