Every day, companies around the world are upgrading and expanding their data centers. Though these investments mean improved speed, service and data security, plans for their acquisition all too often leave out consideration of what to do with the servers that are being replaced. It has been estimated that there are millions of servers sitting idle because companies that are focused on upgrading new hardware rarely include dismantling and disposing of what they are replacing as part of their upgrade plan. This is both an enormous waste of energy and a security risk. Most companies are more concerned with data security and disposing of hard drives containing confidential information then figuring out what to do with assets that they’re no longer using, and it’s a growing international problem. Data consultants tell stories of companies with over 1,000 servers that are up, running, and using loads of electricity, yet not actually providing any value: In many cases they no longer are connected with the companies’ software systems and are unfindable from a connection standpoint. Instead, they are only visible when a physical inventory is being taken.Hearing about these servers is enough to make the blood of any environmentalist boil, and should be on the radar of finance departments everywhere. If you need any convincing as to the impact of data center energy costs, just look to Google and Facebook, both of which have specifically placed their data centers in states that provide low-cost power, and both of which have specifically designed their data centers with maximum energy efficiency in mind. In the United States alone, data centers are estimated to be responsible for approximately two percent of our national energy consumption, and unused servers are undeniably responsible for a large portion of that usage. In fact, a recent survey of clients of a single data-center-efficiency company found that roughly thirty percent of their servers had not been utilized in over half a year. One industry expert estimates that there are nearly 4 million servers in the United States alone that are being run without being used, and that they require a generating capacity of approximately 1.44 gigawatts of energy. That’s roughly equivalent to dedicating three large power plants and dedicating them exclusively to operating idle equipment.

If the United States is accountable for that many servers, then it’s safe to estimate that there are about ten million servers that are similarly inactive globally. Not only does this represent a tremendous waste of valuable energy, but also an unthinkable expenditure of capital that likely reaches into the tens of billions of dollars. Though it would seem that IT managers would automatically have taken action to remove these energy drains, many in upper management who have studied the problem acknowledge the lack of budgets and risk exposure to data loss. The answer is greater communication and putting a data destruction and recycling plan into place.

To help companies identify how much their data centers are actually costing them to run, new power management software products are being introduced, and as companies become more aware of the problem, many are taking action to decommission idle servers. Doing so can represent savings on power of as much as 35 percent, but also raises additional challenges, particularly in the area of data security.

The disposal of servers that have been operational for years is not a task to be taken lightly. It requires a secure process that is in keeping with all compliance requirements for data destruction. Companies large and small that maintain medical information must meet the additional levels of security required in order to meet HIPAA standards. Allowing decommissioned servers to fall into the wrong hands can ruin a company’s reputation and risk data breaches, no matter how long it has been since they served essential functions. It is essential that those in charge of eliminating idle equipment focus not only on the energy savings that they may realize, but also spend time ensuring that the task of hard drive destruction is being done competently and securely.