About the only thing harder than building a data center is dismantling one, because the potential for disruption of business is much greater when shutting down a data center than constructing one.\nThe recent decommissioning of the Titan supercomputer at the Oak Ridge National Laboratory (ORNL) reveals just how complicated the process can be. More than 40 people were involved with the project, including staff from ORNL, supercomputer manufacturer Cray, and external subcontractors. Electricians were required to safely shut down the 9 megawatt-capacity system, and Cray staff was on hand to disassemble and recycle Titan\u2019s electronics and its metal components and cabinets. A separate crew handled the cooling system. In the end, 350 tons of equipment and 10,800 pounds of refrigerant were removed from the site.\n\nRead more data center stories\n\nNVMe over Fabrics creates data-center storage disruption\nData center workloads become more complex\nWhat is data-center management as a service (DMaaS)?\nData center staff aging faster than equipment\nMicro-modular data centers set to multiply\n\n\nWhile most enterprise IT pros aren\u2019t likely to face decommissioning a computer the size of Titan, it is likely they\u2019ll be involved with dismantling smaller-scale data centers given the trend for companies to move away from on-premises data centers.\nThe pace of data center closure is going to accelerate over next three or four years, according to Rick Villars, research vice president, datacenter and cloud, at IDC. "Every company we\u2019ve spoken to is planning to close 10% to 50% of their data centers over the next four years, and in some cases even 100%. No matter who you talk to, they absolutely have on the agenda they want to close data centers," Villars says.\nSuccessfully retiring a data center requires navigating many steps. Here\u2019s how to get started.\nInventory data-center assets\nThe first step is a complete inventory. However, given the preponderance of zombie servers in IT environments, it\u2019s clear that a good number of IT departments don\u2019t have a handle on data-center asset management.\n"They need to know what they have. That\u2019s the most basic. What equipment do you have? What apps live on what device? And what data lives on each device?\u201d says Ralph Schwarzbach, who worked as a security and decommissioning expert with Verisign and Symantec before retiring.\nAll that information should be in a configuration management database (CMDB), which serves as a repository for configuration data pertaining to physical and virtual IT assets. A CMDB \u201cis a popular tool, but having the tool and processes in place to maintain data accuracy are two distinct things," Schwarzbach says.\nA CMDB is a necessity for asset inventory, but \u201cany good CMDB is only as good as the data you put in it,\u201d says Al DeRose, a senior IT director responsible for infrastructure design, implementation and management at a large media firm. \u201cIf your asset management department is very good at entering data, your CMDB is great. [In] my experience, smaller companies will do a better job of assets. Larger companies, because of the breadth of their space, aren\u2019t so good at knowing what their assets are, but they are getting better.\u201d\nMap dependences among data-center resources\nPreparation also includes mapping out dependencies in the data center. The older a data center is, the more dependencies you are likely to find.\nIt\u2019s important to segment what\u2019s in the data center so that you can move things in orderly phases and limit the risk of something going wrong, says Andrew Wertkin, chief strategy officer with BlueCat Networks, a networking connectivity provider that helps companies migrate to the cloud. "Ask how can I break this into phases that are independent \u2013 meaning \u2018I can\u2019t move that app front-end because it depends on this database,\u2019" Wertkin says.\nThe WAN is a good example. Connection points are often optimized, so when you start to disassemble it, you need to know who is getting what in terms of connections and optimized services so you don\u2019t create SLA issues when you break the connection. Changing the IP addresses of well-known servers, even temporarily, also creates connection problems. The solution is to do it in steps, not all at once.\nQuestions to ask decomissioning providers\nGiven the complexities and manpower needs of decommissioning a data center, it\u2019s important to hire a professional who specializes in it.\nExperience and track record are everything when it comes to selecting a vendor, says Mike Satter, vice president at OceanTech, which provides data center decommissioning and IT asset disposition services. There are a lot of small companies that say they can decommission a data center and fail because they lack experience and credentials, he says. "I can't tell you how many times we\u2019ve come into a mess where we had to clean up what someone else did. There were servers all over the floor, hardware everywhere," Satter says.\nHis advice? Ask a lot of questions.\n"I love having a client who asks a lot of questions," Satter says. \u201cDon\u2019t be shy to ask for references,\u201d he adds. \u201cIf you are going to have someone do work on your house, you look up their references. You better know who the contractor will be. Maybe 10% of the time have I had people actually look into their contractor.\u201d\nAmong the processes you should ask about and conditions you should expect are:\n\nHave the vendor provide you with a detailed statement of work laying out how they will handle every aspect of the data center decommissioning project.\nAsk the vendor to do a walkthrough with you, prior to the project, showing how they will execute each step.\nFind out if the vendor outsources any aspect of data center decommissioning, including labor or data destruction.\nInquire about responsible recycling (see more below).\nAsk for references for the last three data center decommissioning clients the vendor serviced.\nAsk if the vendor will be able to recover value from your retired IT hardware. If so, find out how much and when you could expect to receive the compensation.\nAsk how data destruction will be handled. If the solution is software based, find out the name of the software.\nLearn about the vendor\u2019s security protocols around data destruction.\nFind out where the truck goes when it leaves with the gear.\nAsk how hazardous materials will be disposed.\nAsk how metals and other components will be disposed.\n\nRecycle electronics responsibly\nAs gear is cleared out of the data center, it\u2019s important to make sure it\u2019s disposed of safely, from both a security and environmental standpoint.\nWhen it comes to electronics recycling, the key certification to look for is the\u00a0R2 Standard, Satter says. R2 \u2013 sometimes referred to as the responsible recycling certification \u2013 is a standard for electronics recyclers that requires certified companies to have a policy on managing used and end-of-life electronics equipment, components and materials for reuse, recovery and\/or recycling.\nBut R2 does more than that; it offers a traceable chain of custody for all equipment, tracking who touched every piece and its ultimate fate. R2 certified providers \u201caren\u2019t outsourced Craigslist tech people. These are people who do it every day," Satter says. "There are techniques to remove that gear. They have a group to do data security on site, and a compliance project manager to make sure compliance is met and the chain of custody is met."\nAnd don\u2019t be cheap, DeRose adds. "When I decommission a data center, I use a well-known company that does asset removal, asset destruction, chain of custody, provides certifications of destruction for hard drives, and proper disposal of toxic materials. All that needs to be very well documented not [only] for the environment\u2019s protection but [also] for the company\u2019s protection. You can\u2019t wake up one morning and find your equipment was found dumped in a landfill or in a rainforest," DeRose says.\nDocumentation is critical when disposing of electronic waste, echoes Schwarzbach. "The process must capture and store info related to devices being decommissioned: What is the intent for the device, recycling or new service life? What data resides on it? Who owns the data? And [what is] the category of data?"\nIn the end, it isn't the liability of the disposal company if servers containing customer or medical information turn up at a used computer fair, it's the fault of the owners. "The creator of e-waste is ultimately liable for the e-waste," Schwarzbach says.\nControl who's coming into the data center\nShutting down a data center means one inevitability: You will have to bring in outside consultants to do the bulk of the work, as the ORNL example shows. Chances are, your typical data center doesn't let anywhere near 40 people inside during normal operations. But during decommissioning, you will have a lot of people going in and out, and this is not a step to be taken lightly.\n"In a normal scenario, the number of people allowed in the data center is selected. Now, all of a sudden, you got a bunch of contractors coming in to pack and ship, and maybe there\u2019s another 50 people with access to your data center. It\u2019s a process and security nightmare if all these people have access to your boxes and requires a whole other level of vetting," Wertkin says. His solution: Log people in and out and use video cameras.\nAny company hired to do a decommissioning project needs to clearly identify the people involved, DeRose says. "You need to know who your company is sending, and they need to show ID.\u201d People are to be escorted in and out and never given a keycard. In addition, contractors should not to be left to decommission any room on their own. There should always be someone on staff overseeing the process, DeRose says.\nIn short, the decommissioning process means lots of outside, non-staff being given access to your most sensitive systems, so vigilance is mandatory.\nNone of the steps involved in a data center decommissioning should be hands-off, even when it requires outside experts. For the security and integrity of your data, the IT staff must be fully involved at all times, even if it is just to watch others do their work. When millions of dollars (even depreciated) of server gear goes out the door in the hands of non-employees, your involvement is paramount.