Server Buyback

OEMs covered

Dell PowerEdge · HPE ProLiant · Cisco UCS · IBM Power Systems · Supermicro · Lenovo ThinkSystem · Inspur · Huawei

Pricing notes

Working enterprise hardware typically holds residual value for 18–36 months after end-of-warranty under Reuse-First refurb economics. Drives wiped to NIST SP 800-88 Rev. 1 Purge, SSDs to IEEE 2883-2022 firmware Sanitize, per-asset certificate retained.

What we see most of in Malaysia

How we process your engagement

Send your asset list. We respond with a written MYR quote in per engagement SLA (5 business days for AI accelerators). Pickup against signed manifest within Pickup scheduled per engagement, nationwide Malaysia. Wipe + functional test included as standard — drives sanitised to NIST SP 800-88 Rev. 1 Purge for spinning HDDs and IEEE 2883-2022 firmware Sanitize for SSDs/NVMe. Per-asset Certificate of Destruction issued, line-item invoicing per asset, settlement against your PO. Multi-site programme engagements consolidate to a single MYR settlement line; single-event engagements settle within 7 business days of manifest reconciliation.

Condition grading rubric — how we set the offer

Servers are graded against a four-tier rubric that drives the buyback offer. Grade A — refurb-grade, full reuse: powers on, POSTs cleanly, all DIMM slots populate, all drive bays detect, BMC/iDRAC/iLO resets to factory default, no chassis cosmetic damage beyond rack-rail wear. Typical recovery: 35–55% of original list. Grade B — working with cosmetic or minor functional defects: powers on, POSTs, may have one failed DIMM, one failed PSU, minor chassis dent, missing bezel, or BMC requiring battery replacement. Typical recovery: 20–35%. Grade C — partial-recovery / parts-harvest: does not POST cleanly, motherboard fault, multiple DIMM failures, backplane damage. Recovered for tray-CPU, DIMM, drive, and PSU pulls feeding our spare-parts inventory. Typical recovery: 8–18%. Grade D — scrap-recovery only: water damage, fire damage, severe corrosion, or BMC permanently locked with no OEM-recoverable path. Recovered at material-recovery economics: 2–5%. Every grade is documented on the per-asset Certificate of Destruction and the per-asset MYR settlement line.

Typical recovery ranges — current secondary market

Recovery ranges reflect 2024–2025 secondary-market data across our trader-channel network. AI-accelerator-equipped variants are quoted by the AI Hardware Desk separately. Ranges assume standard configuration; high-memory or high-core variants typically clear 10–20% above the band; storage-heavy SKUs vary based on drive condition.

Sanitisation specifics — what the certificate cites

Server drives are sanitised in two parallel paths. Spinning HDDs: NIST SP 800-88 Rev. 1 Purge using the ATA Secure Erase command via the drive controller (Single-Pass on modern SED drives, Three-Pass on legacy drives where firmware Secure Erase is unsupported). Verification by sector-sample read-back; verification artefact retained for the certificate. SSD/NVMe drives: IEEE 2883-2022 firmware Sanitize using the device-internal Sanitize command (Block Erase for SATA SSDs, Crypto Erase for self-encrypting NVMe drives, Overwrite for non-SED variants). Verification confirms Sanitize-complete status and zero-LBA read-back on a sampled cohort. Self-encrypting drives: Cryptographic Erase via the drive's embedded key store, completing in seconds and meeting NIST 800-88 Purge classification. BMC/iDRAC/iLO/XClarity: factory reset including credential clearing, firmware re-flash where the engagement requires (Department of Defense engagements, top-classified BFSI). Embedded firmware-resident data: where a device retains residual configuration in NIC firmware, RAID controller cache, or HBA EEPROM, those are explicitly cleared and noted on the certificate. Each drive's sanitisation entry on the certificate cites the standard, the method, the tool, the firmware version, the operator ID, and the UTC timestamp.

Recent engagement scenarios (anonymised)

Scenario 1 — Tier-1 bank quarterly refresh, 380 servers. A regulated commercial bank retired 380 Dell PowerEdge R740/R740xd from a primary data centre during a Q3 refresh. Asset list reconciled in 2 business days; written MYR quote in 4 business days against the customer's purchase order. Pickup over 3 nights inside the customer's 22:00–06:00 access window with badged escort. NIST 800-88 Rev. 1 Purge across 1,520 drives in-flight at our facility; per-asset Certificate of Destruction issued within 14 business days. Reuse-First refurb routing: 67% of the chassis cleared Grade A or B and routed back to channel; remaining 33% parts-harvested. Settlement at programme close: meaningfully above the OEM trade-in offer the customer had received, which had been computed on destruction-first economics.

Scenario 2 — Lease-end return on 96 HPE ProLiant DL380 Gen10. Lessor required servers returned by a fixed cut-off; customer needed Reuse-First option on the 24 units the lessor was prepared to release. We picked up the entire 96-unit batch, generated the lessor-acceptable manifest for the 72 returnable units, and quoted the 24 customer-retained units at refurb-grade economics. iLO factory-reset in-flight; per-unit certificate issued. Customer avoided lessor end-of-term penalties (estimated cost-avoidance noted on engagement record) and recovered residual value on the retained units in MYR.

Scenario 3 — Hyperscale tenant exit, 48 racks of mixed-OEM compute. An AI startup exiting a colocation suite needed multi-rack pickup over a 72-hour access window. 48 racks: a mix of Dell, HPE, and Supermicro chassis with NVIDIA accelerator cards in some. AI accelerators routed to the AI Hardware Desk for separate quoting on a 5-business-day quote validity (volatile market); standard servers quoted on 30-day validity. Cabling reclaimed in-flight; cage de-commissioning paperwork signed by the colocation provider. Settlement consolidated to a single MYR invoice line. Reuse-First reuse rate on this engagement: 71%.

Pickup, chain of custody, and logistics

Server pickups run on a chain-of-custody manifest signed at every transfer point. The standard sequence: (1) badged operators arrive in your access window with tamper-evident sealed containers staged at the cage; (2) each chassis is photographed, serial-scanned, and tagged against the asset list; (3) drives are not separated from chassis at pickup unless your engagement requires on-site sanitisation; (4) chassis loaded into sealed containers, manifest signed by your representative; (5) GPS-tracked vehicle to our facility; (6) manifest signed at facility receipt; (7) sanitisation in-flight, certificate issued; (8) Reuse-First refurb routing or material recovery as the grade dictates. Witness destruction at your facility is available where the regulator or your security policy requires — typical for top-classified BFSI, government restricted-data, and certain healthcare engagements. Mobile shred units are deployable within Malaysia on engagement-specific cost arrangements. Multi-site programmes consolidate the manifest across pickup events into a single engagement-level reconciliation.

Common pitfalls that erode recovery

Pitfall 1 — RAID controller battery failure not flagged. Many decommissioned servers arrive with depleted RAID-controller batteries. The chassis still POSTs; the controller cache is unrecoverable. Where the customer has not flagged this, the secondary buyer discovers it post-purchase and disputes the grade. We test every controller at receipt and note battery state on the certificate. Pitfall 2 — BMC/iDRAC/iLO not reset. A BMC retaining the customer's root credential is unsellable to a secondary buyer in regulated industries. We reset every BMC to factory default and re-flash firmware where the engagement requires. Pitfall 3 — Drive serial mismatch against asset list. Where the customer asset list was generated from a different inventory tool than ours, drive serials may not reconcile. We re-scan and reconcile at receipt; any unreconciled drive is flagged on the certificate. Pitfall 4 — Mixed customer data on shared appliances. Some virtualisation platforms retain customer data in firmware-resident metadata even after drive sanitisation; we explicitly clear hypervisor metadata and note the clearing method. Pitfall 5 — Asset list contains "ghost" assets. Customers occasionally list servers that were retired in a previous engagement but never struck from the asset register. We flag these as not-received and reconcile to your fixed-asset team.

Why customers in Malaysia choose Maxicom for servers buyback

Continuous operation since 1996 — the Maxicom group was founded in India in 1996 and operates across Malaysia, plus four other Maxicom regions. Per-asset certificate format admissible against , PDPA Malaysia, NIST SP 800-88 Rev. 1, IEEE 2883-2022, and equivalent regulators in every jurisdiction we have served. Reuse-First reuse rate of 65–75% blended across our 2024–2025 cohort — typically 1.5–3× the residual value of destruction-first OEM trade-in programmes. Settlement in MYR against your purchase order, line-item per asset, payment terms 7 business days from manifest reconciliation. Cross-border resale routing under NDA preserves channel-respect — your retired gear never re-appears in your local market unless you specifically authorise local resale. Programme-level pricing for multi-event commitments; quarterly business reviews for ongoing engagements. Single SOW, single ledger, single regulator-facing report — your fixed-asset team reconciles to one document.