Is ITAD a Weak Link in Data Security?

Is ITAD a Weak Link in Data Security?

0 Comments

Is ITAD a Weak Link in Data Security?

Let’s face it, the amount of data currently being created on a day to day basis isn’t slowing down anytime in the near future.

With the increase in data comes newer, faster equipment with even more vast amounts of storage capacity.

Not only does that create a problem of what to do with the old assets, but more importantly how to keep them secure in the process.

A recent report from Experian revealed that nearly thirty percent of organizations don’t have plans in place to deal with data security threats.

You heard that right. According to their research that’s almost one third of businesses!

With cyber security threats from ransomware attacks to hard drives being sold online that still contain left behind data, how can any business not comprehend the risk that poorly managed data creates?

In more recent times, we’ve seen cyber security being prioritized as an area of great investment; especially with a majority of new businesses and startups in the data hosting sector.  

But ponder for a moment the amount of retired IT assets that end up in piles of scrap as new products are released on a continuous basis.

Whether it be an entire machine, such as laptops, desktops, and networking switches or individual components like SSDs, HDDs, memory, or tape cartridges, any small to mid-sized business produces a significant amount of physical data assets that need to be securely destroyed on a regular basis.

Unfortunately, end of life asset management and the secure destruction of data assets is often unnoticed.

An insufficient amount of businesses can guarantee or show proof that every measure possible was taken to prevent a data breach. 

Too few organizations can confidently state that all sensitive data was destroyed in a secure, accountable and socially responsible way.

When the General Data Protection Regulations (GDPR) came into legislature in May 2018, businesses began facing potential financial penalties if they didn’t comply with the data destruction guidelines.

 

data center energy efficiency

An organization that deal with or governs sensitive data should have an obligation to teach their staff about GDPR requirements and responsibilities. 

In order to stay ahead of the curve, businesses should also be making an effort to transform employee habbits when it comes to data asset destruction.

However, this can be a costly and timely process. Processes and policies in regards to asset and data disposition need to be communicated clearly to staff, resulting in the gradual education and behavioral change.

The decisions any organization has to make when choosing on an ITAD vendor are going depend on the size of the company and its equipment inventory.

Nevertheless, a business can adopt its own plan and strategy to fit its individual ITAD requirements, but the most important thing that must remain is taking an active part in the security of critical data.

Trusting the help of a reputable ITAD vendor makes a huge difference. There are countless security measures that a business may not think to take into account. 

A professional ITAD company will to ensure your data is properly secure from start to finish.

Since 1965, we’ve been in the business of helping organizations with all of their IT asset needs. 

With over 130 years combined industry experience, our equipment experts can assist in offloading old or retired hardware fast, easy, and even more importantly SECURELY.

When considering selling surplus IT equipment, visit one of our pages; We Buy Used IT EquipmentWe Buy Used MemoryWe Buy Used Hard Drives, We Buy Used Cisco, or We Buy Used Tape to get the highest market value and the greatest return on investment. 

Contact us today for a free quote and see why we’ve been trusted by businesses both large and small for over half a century.

Freedom and Security

0 Comments

By living in the United States, we are blessed with many freedoms such as freedom of speech, freedom of press, and freedom of information. But what exactly is “freedom of information” and how can it really exist with all the current regulations guarding the release of such information?  

The Freedom of Information Act (FOI), is a federal freedom of information law, signed by President Lyndon B Johnsen in 1966, requiring the full or partial disclosure of previously unreleased information and documents controlled by the United States government upon request. 

So can a federal law requiring the release of information upon request coexist with the recent Data Protection Act (DPA) and laws meant to protect our “digital privacy”? 

5 Ways the Freedom of Information Act and the Data Privacy Act Coexist

1. The concepts of “data privacy” and “privacy” are different

The Data Privacy Act (DPA) may not have explicitly defined the terms “data privacy” or “privacy”. Although, we must know that these are two different concepts that function with two distinctive purposes.

“Data privacy” refers to the personal information of individuals, who are mentioned in the law as a “data subject”. These “data subjects” are provided certain rights in respects to the processing of their personal information as well as the security of personal information being processed and accountability for the transfer of information.

“Privacy” as a single concept is not so articulately defined in our laws. Although, in the Bill of Rights “privacy” is stated to be the right of individuals or citizens to be secure in their persons, houses, papers and effects against any unreasonable searches and seizures of whatever nature and for any purpose.

This means is that the “privacy” in the Freedom of Information Act (FOI) operates under different rules and is not necessarily affected by the stipulations of the Data Privacy Act.

As a “data subject” under the DPA, what we should be attentive of is the actual processing of our personal information. Processing is described as any operation or set of operations performed upon personal information including, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

That being said, the act of processing personal information is different from the giving of public access to information in the matter of public interest. Therefore, the act of providing public access to information is not considered the same as “processing” of personal information as intended by FOI and DPA.

Besides, the disclosure and public access in the matter of public interest, is part of the Bill of Rights, as “the right of the people to information on matters of public concern”.

As the rights to public information are stemming from the American Constitution, they cannot just be reversed by the notion of “processing” of personal information provided for by the DPA. In other words, a law simply cannot be made to triumph over a provision of the Constitution.

3. Personal Information in the Data Protection Act does not Include Investigation into Public Officials

There may be certain types of sensitive personal information whose processing is prohibited apart from certain exceptions provided by the law. Looking at what may be considered as prohibited sensitive personal information, refers to any proceeding for any offense committed or alleged to have been committed by a public official.

That means is that if there’s any alleged wrongdoing by a public official, the public official cannot simply claim they have “sensitive information” that cannot be disclosed because there has to be court proceedings first where sensitive personal information may be involved.

4. The Data Privacy Act does not Protect the acts of Public Officials under their Job Function

Information about any individual who is or was an officer or employee of a government institution is outside of the scope of the law. Any such information about the acts of the public official on how he or she has performed his or her functions are not covered by the rights to data privacy.

This means is that the DPA cannot be used to deny access to the information being requested, since the DPA has nothing to do with information. Instead, it is the rules of the FOI that will deal with how this non-disclosure or disclosure of the public official’s personal information will be carried out.

5. Violating Rights to Privacy can Create Civil Liabilities in the FOI, but not the DPA.

The FOI creates liability for damages by any public officer, employee, or private citizen, who obstructs, defeats, violates, or impairs the constitutional rights to be secure in one’s person, house, papers and effects against unreasonable searches and seizures.

What this means is that the public official, whose right to privacy is protected, can sue anyone for damages, who may interfere with the public official’s right to privacy, but not the data privacy referred to in the DPA.

This right to sue for damages for violation of constitutional rights is a broad one, which is different from the right to restitution. Restitution, refers to the restoration of the thing itself, which means a rectification of any error in the processing of personal information by the data subject and nothing else.

Conclusion

At first glance, the right to privacy may defeat the public’s right to information on matters of public concern but this must be distinguished with the right to data privacy which operates under rules provided by the Data Privacy Act (DPA).

The DPA and the FOI do not outrightly clash, but the application of rules in both of the laws may need to be refined and consistent to fully carry out the public’s right to information on matters of public concern.

13 IT Dad Jokes

0 Comments

Father’s have taught us many things, but telling jokes may not be one of them. Here are a few of our favorite “IT” dad jokes to get you through the holiday….

Don’t use “beef stew” as a computer password.

It’s not stroganoff.

 

 

Did you hear about the monkeys who shared an Amazon account?

They were Prime mates.

 

 

What does Apple call its new iPhone chargers?

Apple Juice

 

 

Have you heard of that new band “1023 Megabytes”?

They’re pretty good, but they don’t have a gig just yet.

 

 

I just got fired from my job at the keyboard factory.

They told me I wasn’t putting in enough shifts.

 

 

My computer suddenly started singing “Someone Like You.”

It’s a Dell.

 

 

Why did the computer show up at work late?

It had a hard drive.

 

 

Why did the CPU go broke?

A reboot cleared out all of its cache.

 

 

What are computers’ favorite snacks?

Microchips, phish sticks, and cookies. But just a few bytes of each.

 

 

What do computers do at the beach?

Put on some spam block for protection so they can safely surf the net while catching some WAVs!

 

 

Where do computers go to dance?

The disk-o.

 

 

Why did the IT guy’s mom yawn?

Because he made his Mother Bored.

ASCDI podcast

0 Comments

ASCDI Podcast: Meet DTC Computer Supplies, a company dedicated to the secondary market

New to the AscdiNatd, DTC Computer Supplies is a family owned company specializing in buying and selling IT equipment that offers a deep bench of experience in the industry, and especially in data storage products. In this podcast, Norm Hutton, Wholesale Purchasing and Sales with DTC, gives us a look at the new ASCDI member. Hutton discusses how DTC offers many services including quantity discounts, same day shipping, blind and double blind drop shipments, in-house labeling and initialization, free EDP Tri-Optic barcode labels with any tape purchase and a deep inventory of products. We learn about DTC’s exclusive Phoenix Rejuvenation Process. Hutton describes DTC’s used tape and IT equipment buyback programs.

Data Center Energy Efficiency

0 Comments

Due to today’s constant changes and technological advances, the amount of data being created continues to grow at a rapid rate. More data being generated, translates into more robust data storage centers. Regardless of how long you’ve been using data centers for your business growth and storage needs, there is always room for improvement.

Enhancing the energy efficiency of your data center is just another important component to ensuring longevity, success, and continual growth of your business.

More often than not, data center energy efficiency boils down to two simple things:

1)  managing the amount of power being consumed by the equipment

2) eliminating tasks and physical properties that hinder optimization

Optimize “IT”

Energy usage is probably the highest annual expense for today’s data center managers, and it will only continue to increase in the future.

When examining a data center’s energy usage, it’s usually seen as a whole building consumption, rather than individual equipment.

In spite of this, there are still valuable steps that IT authorities or data center managers should practice to make certain that their equipment constantly operates at a more energy efficient level.

Start by decreasing the amount of unnecessary power going into IT equipment by checking the workloads of all operating assets.

Ask questions like:

“Is there any older equipment that can be retired?”

“Is there old data that can be backed up elsewhere or at an off-site location?”

“Can a bulk of my data be stored via cloud?”

“Are there other operations that can be carried out remotely?”

 “Are there systems or workloads that can be combined?”

Whatever steps are taken in this manner, make sure that any efficiency checks don’t interfere with security. Data security should always be the number one priority.

Out with the Old, In with the New

Can you think of the last time someone performed a thorough equipment inspection of your data center? Has it been a while? Take a second and have a peak at how many servers are powered on, yet performing an insignificant task.

Hopefully your answer is none. An ideal data center will have all machines operating at the highest efficiency with business-critical missions. However, that’s not always the case.

If you have data center equipment that’s ready to be retired, then now is the time to look into an equipment buyback program. Let’s dispose of those old hard drives, servers, and other old equipment that’s collecting dust; while consuming energy and costing your company money.

If you’re already in the process of disposing of your retired equipment, it might be the perfect time for an upgrade. Usually as technology advances, it also reduces power consumption thus increasing data center energy efficiency.

Replacing older equipment with newer upgraded equipment can be a major difference in a data center’s energy consumption, saving your business thousands of dollars in the long run.

data center energy efficiency

Data Center Facility Inspection

Not only can older data center equipment increase operating costs, but the facilities with which the data center is located can make a difference as well. The building’s construction, along with where it’s located can play a big role in power consumption and annual costs.

Courtesy:BobLandstrom.com

Older construction buildings not only increase liabilities in the event of a disaster, but are often not a great fit for modern technology. As opposed to a newly built facility, an older data center housing will cost more to maintain consistent room temperatures and may also be subject to leaky roofs or shaky foundations.

As cloud migration and the move to more virtually-based data continues to expand, it’s very possible that the data centers of yesterday are greatly overbuilt for any modern needs.

In such a situation, it may very well be time for a total data center decommission. An entirely new building may appear unnerving at first, particularly with the upfront expenses. Nonetheless a general downsize will make certain your data center isn’t consuming more power than it needs to.

Prime Real Estate

Data center operational efficiency doesn’t always refer to just energy consumption alone. The physical location of a data center facility may also have a direct correlation to the operating costs involved.  

For example, a data center facility in New York City or Silicon Valley is going to cost significantly more than the same sized facility in Boise, Idaho. When taking location into mind, always take into consideration who your data center is serving.

Many data centers today have their facilities on the outskirts of major metropolitan cities.  If it’s not absolutely necessary for you to operate near major metropolitan areas or more expensive markets, then take advantage of the opportunity to move to a less expensive area.

Keep “IT” Cool

It’s no secret to data center managers that powering the IT equipment is only fifty percent of the equation. The other half of the problem is sourcing the power to keep the constantly running equipment cool.

Similar to all of the mission-critical equipment that’s operating 24/7/365, there is wastefulness that can be tackled to ensure cooling systems and operations aren’t consuming an unnecessary amount of power.

The simplest way for any data center to improve the efficiency of its coolers is to install economizers. The overall effectiveness of the economizers will depend on the local climate your data center facility is located in. Yet another reason to consider location.

Courtesy: energystar.gov

What is an economizer? Economizers are machines used to regulate indoor to outdoor temperatures.  According to the United States Department of Energy, an economizer could be anything from outside air refrigeration systems to a rooftop ventilation system used to cool a room. If the outside temperature is slightly cooler than inside the data center, then economizers are a great option to improve cooling efficiencies.

Additionally, take into account the current standard of air conditioning practices and equipment in your data center. Making sure the server hardware and other IT equipment remains cool enough to operate is extremely important.

Now make sure you don’t overdo it too. There are times when data centers can be kept too cool. Fortunately, most newer servers today have built-in systems to stay cool, and do not need to be kept as cool as older models. In this case, the data center’s HVAC can be occasionally turned off as temperatures are monitored more closely by the servers themselves.

Data Center Energy Efficiency

If a majority of your data center’s energy costs are directed towards cooling, then it might be time to upgrade the cooling equipment. Possibly the air conditioning unit in the entire building needs repaired or replaced.

Another great energy saver is to house any data center equipment generating too much heat using isolation structures. These complex isolation structures can guide the heat entirely out of the data center to heat other parts of the building as necessary.

Other modern cooling and venting systems can help data center manager’s improve operating efficiency and lower any consumption costs as well.

Maybe consider installing vented floor tiles to improve overall airflow, or installing chillers that will absorb and transfer heat between physical systems. Anything to help improve the general day-to-day maintenance of your data center will save money in the long run.

Courtesy: environmental leader

No two data centers are exactly alike and every situation is unique. Nevertheless, most IT managers are facing the same physical obstacles in regards to improving energy consumption and overall data center energy efficiency.

The best thing to do is start by conducting a thorough equipment inventory check and look at your current systems.  Slowly branch out from there in order to isolate and eradicate areas of deficiency.

Finally, if you find that the major efficiency improvements can only occur with an upgrade or complete face-lift to your data center, you may need a full-on data center take out