Is ITAD a Weak Link in Data Security?

Is ITAD a Weak Link in Data Security?

0 Comments

Is ITAD a Weak Link in Data Security?

Let’s face it, the amount of data currently being created on a day to day basis isn’t slowing down anytime in the near future.

With the increase in data comes newer, faster equipment with even more vast amounts of storage capacity.

Not only does that create a problem of what to do with the old assets, but more importantly how to keep them secure in the process.

A recent report from Experian revealed that nearly thirty percent of organizations don’t have plans in place to deal with data security threats.

You heard that right. According to their research that’s almost one third of businesses!

With cyber security threats from ransomware attacks to hard drives being sold online that still contain left behind data, how can any business not comprehend the risk that poorly managed data creates?

In more recent times, we’ve seen cyber security being prioritized as an area of great investment; especially with a majority of new businesses and startups in the data hosting sector.  

But ponder for a moment the amount of retired IT assets that end up in piles of scrap as new products are released on a continuous basis.

Whether it be an entire machine, such as laptops, desktops, and networking switches or individual components like SSDs, HDDs, memory, or tape cartridges, any small to mid-sized business produces a significant amount of physical data assets that need to be securely destroyed on a regular basis.

Unfortunately, end of life asset management and the secure destruction of data assets is often unnoticed.

An insufficient amount of businesses can guarantee or show proof that every measure possible was taken to prevent a data breach. 

Too few organizations can confidently state that all sensitive data was destroyed in a secure, accountable and socially responsible way.

When the General Data Protection Regulations (GDPR) came into legislature in May 2018, businesses began facing potential financial penalties if they didn’t comply with the data destruction guidelines.

 

data center energy efficiency

An organization that deal with or governs sensitive data should have an obligation to teach their staff about GDPR requirements and responsibilities. 

In order to stay ahead of the curve, businesses should also be making an effort to transform employee habbits when it comes to data asset destruction.

However, this can be a costly and timely process. Processes and policies in regards to asset and data disposition need to be communicated clearly to staff, resulting in the gradual education and behavioral change.

The decisions any organization has to make when choosing on an ITAD vendor are going depend on the size of the company and its equipment inventory.

Nevertheless, a business can adopt its own plan and strategy to fit its individual ITAD requirements, but the most important thing that must remain is taking an active part in the security of critical data.

Trusting the help of a reputable ITAD vendor makes a huge difference. There are countless security measures that a business may not think to take into account. 

A professional ITAD company will to ensure your data is properly secure from start to finish.

Since 1965, we’ve been in the business of helping organizations with all of their IT asset needs. 

With over 130 years combined industry experience, our equipment experts can assist in offloading old or retired hardware fast, easy, and even more importantly SECURELY.

When considering selling surplus IT equipment, visit one of our pages; We Buy Used IT EquipmentWe Buy Used MemoryWe Buy Used Hard Drives, We Buy Used Cisco, or We Buy Used Tape to get the highest market value and the greatest return on investment. 

Contact us today for a free quote and see why we’ve been trusted by businesses both large and small for over half a century.

Freedom and Security

0 Comments

By living in the United States, we are blessed with many freedoms such as freedom of speech, freedom of press, and freedom of information. But what exactly is “freedom of information” and how can it really exist with all the current regulations guarding the release of such information?  

The Freedom of Information Act (FOI), is a federal freedom of information law, signed by President Lyndon B Johnsen in 1966, requiring the full or partial disclosure of previously unreleased information and documents controlled by the United States government upon request. 

So can a federal law requiring the release of information upon request coexist with the recent Data Protection Act (DPA) and laws meant to protect our “digital privacy”? 

5 Ways the Freedom of Information Act and the Data Privacy Act Coexist

1. The concepts of “data privacy” and “privacy” are different

The Data Privacy Act (DPA) may not have explicitly defined the terms “data privacy” or “privacy”. Although, we must know that these are two different concepts that function with two distinctive purposes.

“Data privacy” refers to the personal information of individuals, who are mentioned in the law as a “data subject”. These “data subjects” are provided certain rights in respects to the processing of their personal information as well as the security of personal information being processed and accountability for the transfer of information.

“Privacy” as a single concept is not so articulately defined in our laws. Although, in the Bill of Rights “privacy” is stated to be the right of individuals or citizens to be secure in their persons, houses, papers and effects against any unreasonable searches and seizures of whatever nature and for any purpose.

This means is that the “privacy” in the Freedom of Information Act (FOI) operates under different rules and is not necessarily affected by the stipulations of the Data Privacy Act.

As a “data subject” under the DPA, what we should be attentive of is the actual processing of our personal information. Processing is described as any operation or set of operations performed upon personal information including, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

That being said, the act of processing personal information is different from the giving of public access to information in the matter of public interest. Therefore, the act of providing public access to information is not considered the same as “processing” of personal information as intended by FOI and DPA.

Besides, the disclosure and public access in the matter of public interest, is part of the Bill of Rights, as “the right of the people to information on matters of public concern”.

As the rights to public information are stemming from the American Constitution, they cannot just be reversed by the notion of “processing” of personal information provided for by the DPA. In other words, a law simply cannot be made to triumph over a provision of the Constitution.

3. Personal Information in the Data Protection Act does not Include Investigation into Public Officials

There may be certain types of sensitive personal information whose processing is prohibited apart from certain exceptions provided by the law. Looking at what may be considered as prohibited sensitive personal information, refers to any proceeding for any offense committed or alleged to have been committed by a public official.

That means is that if there’s any alleged wrongdoing by a public official, the public official cannot simply claim they have “sensitive information” that cannot be disclosed because there has to be court proceedings first where sensitive personal information may be involved.

4. The Data Privacy Act does not Protect the acts of Public Officials under their Job Function

Information about any individual who is or was an officer or employee of a government institution is outside of the scope of the law. Any such information about the acts of the public official on how he or she has performed his or her functions are not covered by the rights to data privacy.

This means is that the DPA cannot be used to deny access to the information being requested, since the DPA has nothing to do with information. Instead, it is the rules of the FOI that will deal with how this non-disclosure or disclosure of the public official’s personal information will be carried out.

5. Violating Rights to Privacy can Create Civil Liabilities in the FOI, but not the DPA.

The FOI creates liability for damages by any public officer, employee, or private citizen, who obstructs, defeats, violates, or impairs the constitutional rights to be secure in one’s person, house, papers and effects against unreasonable searches and seizures.

What this means is that the public official, whose right to privacy is protected, can sue anyone for damages, who may interfere with the public official’s right to privacy, but not the data privacy referred to in the DPA.

This right to sue for damages for violation of constitutional rights is a broad one, which is different from the right to restitution. Restitution, refers to the restoration of the thing itself, which means a rectification of any error in the processing of personal information by the data subject and nothing else.

Conclusion

At first glance, the right to privacy may defeat the public’s right to information on matters of public concern but this must be distinguished with the right to data privacy which operates under rules provided by the Data Privacy Act (DPA).

The DPA and the FOI do not outrightly clash, but the application of rules in both of the laws may need to be refined and consistent to fully carry out the public’s right to information on matters of public concern.

Data Center Energy Efficiency

0 Comments

Due to today’s constant changes and technological advances, the amount of data being created continues to grow at a rapid rate. More data being generated, translates into more robust data storage centers. Regardless of how long you’ve been using data centers for your business growth and storage needs, there is always room for improvement.

Enhancing the energy efficiency of your data center is just another important component to ensuring longevity, success, and continual growth of your business.

More often than not, data center energy efficiency boils down to two simple things:

1)  managing the amount of power being consumed by the equipment

2) eliminating tasks and physical properties that hinder optimization

Optimize “IT”

Energy usage is probably the highest annual expense for today’s data center managers, and it will only continue to increase in the future.

When examining a data center’s energy usage, it’s usually seen as a whole building consumption, rather than individual equipment.

In spite of this, there are still valuable steps that IT authorities or data center managers should practice to make certain that their equipment constantly operates at a more energy efficient level.

Start by decreasing the amount of unnecessary power going into IT equipment by checking the workloads of all operating assets.

Ask questions like:

“Is there any older equipment that can be retired?”

“Is there old data that can be backed up elsewhere or at an off-site location?”

“Can a bulk of my data be stored via cloud?”

“Are there other operations that can be carried out remotely?”

 “Are there systems or workloads that can be combined?”

Whatever steps are taken in this manner, make sure that any efficiency checks don’t interfere with security. Data security should always be the number one priority.

Out with the Old, In with the New

Can you think of the last time someone performed a thorough equipment inspection of your data center? Has it been a while? Take a second and have a peak at how many servers are powered on, yet performing an insignificant task.

Hopefully your answer is none. An ideal data center will have all machines operating at the highest efficiency with business-critical missions. However, that’s not always the case.

If you have data center equipment that’s ready to be retired, then now is the time to look into an equipment buyback program. Let’s dispose of those old hard drives, servers, and other old equipment that’s collecting dust; while consuming energy and costing your company money.

If you’re already in the process of disposing of your retired equipment, it might be the perfect time for an upgrade. Usually as technology advances, it also reduces power consumption thus increasing data center energy efficiency.

Replacing older equipment with newer upgraded equipment can be a major difference in a data center’s energy consumption, saving your business thousands of dollars in the long run.

data center energy efficiency

Data Center Facility Inspection

Not only can older data center equipment increase operating costs, but the facilities with which the data center is located can make a difference as well. The building’s construction, along with where it’s located can play a big role in power consumption and annual costs.

Courtesy:BobLandstrom.com

Older construction buildings not only increase liabilities in the event of a disaster, but are often not a great fit for modern technology. As opposed to a newly built facility, an older data center housing will cost more to maintain consistent room temperatures and may also be subject to leaky roofs or shaky foundations.

As cloud migration and the move to more virtually-based data continues to expand, it’s very possible that the data centers of yesterday are greatly overbuilt for any modern needs.

In such a situation, it may very well be time for a total data center decommission. An entirely new building may appear unnerving at first, particularly with the upfront expenses. Nonetheless a general downsize will make certain your data center isn’t consuming more power than it needs to.

Prime Real Estate

Data center operational efficiency doesn’t always refer to just energy consumption alone. The physical location of a data center facility may also have a direct correlation to the operating costs involved.  

For example, a data center facility in New York City or Silicon Valley is going to cost significantly more than the same sized facility in Boise, Idaho. When taking location into mind, always take into consideration who your data center is serving.

Many data centers today have their facilities on the outskirts of major metropolitan cities.  If it’s not absolutely necessary for you to operate near major metropolitan areas or more expensive markets, then take advantage of the opportunity to move to a less expensive area.

Keep “IT” Cool

It’s no secret to data center managers that powering the IT equipment is only fifty percent of the equation. The other half of the problem is sourcing the power to keep the constantly running equipment cool.

Similar to all of the mission-critical equipment that’s operating 24/7/365, there is wastefulness that can be tackled to ensure cooling systems and operations aren’t consuming an unnecessary amount of power.

The simplest way for any data center to improve the efficiency of its coolers is to install economizers. The overall effectiveness of the economizers will depend on the local climate your data center facility is located in. Yet another reason to consider location.

Courtesy: energystar.gov

What is an economizer? Economizers are machines used to regulate indoor to outdoor temperatures.  According to the United States Department of Energy, an economizer could be anything from outside air refrigeration systems to a rooftop ventilation system used to cool a room. If the outside temperature is slightly cooler than inside the data center, then economizers are a great option to improve cooling efficiencies.

Additionally, take into account the current standard of air conditioning practices and equipment in your data center. Making sure the server hardware and other IT equipment remains cool enough to operate is extremely important.

Now make sure you don’t overdo it too. There are times when data centers can be kept too cool. Fortunately, most newer servers today have built-in systems to stay cool, and do not need to be kept as cool as older models. In this case, the data center’s HVAC can be occasionally turned off as temperatures are monitored more closely by the servers themselves.

Data Center Energy Efficiency

If a majority of your data center’s energy costs are directed towards cooling, then it might be time to upgrade the cooling equipment. Possibly the air conditioning unit in the entire building needs repaired or replaced.

Another great energy saver is to house any data center equipment generating too much heat using isolation structures. These complex isolation structures can guide the heat entirely out of the data center to heat other parts of the building as necessary.

Other modern cooling and venting systems can help data center manager’s improve operating efficiency and lower any consumption costs as well.

Maybe consider installing vented floor tiles to improve overall airflow, or installing chillers that will absorb and transfer heat between physical systems. Anything to help improve the general day-to-day maintenance of your data center will save money in the long run.

Courtesy: environmental leader

No two data centers are exactly alike and every situation is unique. Nevertheless, most IT managers are facing the same physical obstacles in regards to improving energy consumption and overall data center energy efficiency.

The best thing to do is start by conducting a thorough equipment inventory check and look at your current systems.  Slowly branch out from there in order to isolate and eradicate areas of deficiency.

Finally, if you find that the major efficiency improvements can only occur with an upgrade or complete face-lift to your data center, you may need a full-on data center take out

THREE REASONS TO START PLANNING YOUR IT INFRASTRUCTURE UPGRADE

0 Comments
IT upgrade

Microsoft will soon be ending its customer support for Windows Server 2008. What does this mean for you and your organization?

Well, the end of one era always means the beginning to another. This could be the perfect opportunity to ramp up your production, security, and improvements throughout. 

As much as we all tend to preach about the importance of staying up to date with the latest and greatest equipment in the IT industry, its easier said than done.

That fact of the matter is that more than half of all servers in operating existence are five to seven years old, and using archaic software like Microsoft Windows Server 2008.

windows server 2008
Image Courtesy of Microsoft

In recent news from the Microsoft Ignite conference, Microsoft will stop support for Windows Server 2008 and 2008 R2 effective January 14, 2020.

They also plan to terminate the support service of Microsoft SQL Server 2008 and 2008 R2 on July 19, 2019. If your organization is one of the many businesses that still currently uses these systems, you could be directly affected.

The news isn’t all bad though. Microsoft’s end of service could be the inspiration your organization needs in order to implement a full IT renovation, from up-to-date software solutions to the servers that propel them forward.

Need even more motivation for a data center facelift? We’ve put together three reasons to consider, based on challenges that technology experts are facing and the direct benefits they’re receiving from a well-orchestrated server overhaul.

Image Courtesy of Device42

REASON ONE: YOU’LL BE READY FOR MORE DEMANDING WORKLOADS

Recent surveys conducted with IT professionals and industry leaders suggests that analytics and AI strategy are among their top priorities in regards to infrastructure investments. 

Even more so, enterprise IP traffic is projected to triple by 2020. With these developments, it’s no surprise there’s a growing strain within IT that warrants an updated data center to sustain it.

Let’s be real here, there’s no such thing as “business as usual” anymore. Not just in IT, but in any industry for that matter. In order to stay competitive in any market, businesses must welcome change, and embrace adaptability to stay ahead. In terms of IT, modernization is critical.

According to 71% of those surveyed, the biggest road block preventing their IT transformation is an aging infrastructure. Businesses that currently operate with legacy systems find it nearly impossible to compete. 

Their archaic data centers just weren’t built to keep up with the modern demands of a digital world.

data center upgrade
Image Courtesy ComputerWorld.com

Modernization of your organization’s infrastructure is the most efficient strategy to stay competitive for the long haul.

A well-orchestrated renovation also brings opportunities to take full advantage of recent server technologies such as effortlessly handling workloads that would otherwise bog down any legacy systems.

For instance, new equipment running Windows Server 2019 optimized for Intel Xeon Scalable processors delivers a 4X performance increase over similar systems that are five years older.

REASON TWO: YOU’LL BENEFIT FROM INCREASED SECURITY

It’s no secret that the number of security breaches and cyber-attacks on businesses continue to grow astronomically, creating an impact of almost $2.1 trillion by 2019.

An older and weaker operating system leaves you vulnerable to an overabundance of business-critical attacks. The last thing any organization needs is a list of compliance failures that could result in the end of valued relationships. 

Ensuring your system is safeguarded against ransomware and protecting customer’s proprietary information to GDPR and HIPAA standards is vital.

Having an updated IT infrastructure allows you to deploy the latest security measures for data protection and encryption.

To name a few, Windows Defender Advanced Threat Detection and Intel Trusted Execution Technology, servers are furnished with a collection of multi-layered security resources.

Modern security can be instilled deep within an organization’s infrastructure and therefore out of reach of hackers. With features such as next-gen firewalls, security with software-defined networking, and identity and access management; newer systems create a much larger obstacles in the way of attacks.

REASON THREE: YOU’LL BE READY FOR THE FUTURE

Decrease total operating costs– Organizations that modernize experience up to 69 percent less revenue losses. Maintenance expenses used to maintain aging systems, unplanned downtime, and more abundant power usage all add up.

Simplify your transition to cloud – Studies have shown that by 2020, 90 percent of businesses will have developed a cloud strategy to support mission-critical applications. Updating your IT infrastructure will ensure you don’t get left behind.

Support expanding workloads – Organizations that update their systems have the ability to speed time-to-insight from analytics and AI technologies.
Enjoy the benefits of Windows Server 2019 – the advantages of the server upgrade include improved application platforms, containerization, pervasive encryption, and more

DON’T WAIT TO START PLANNING YOUR INFRASTRUCTURE UPGRADE

Despite the fact that your current legacy system may still be ultra-reliable, you’ll still want to take a proactive approach to planning a server upgrade before Windows Server 2008 support goes away. 

There is still plenty of time to both plan a serviceable upgrade strategy, and to take the steps necessary to complete it.

No matter which modernized options you wish to explore; whether it be hybrid cloud, hyperconverged infrastructures, virtualized networks, or the full capabilities of Windows Server 2019, DTC Computer Supplies can help.

Data Storage Security

0 Comments
data storage security
data storage security

As Breaches continue, DATA STORAGE and Fear of Adequate SECURITY are merging in the eyes of IT managers.

Over the years data storage security has become a concept centered around protecting data while warranting its availability to authorized personnel. 

Usually, data storage and data security are treated as individual subjects within the IT world, but that’s beginning to change faster than anyone thought it would.

A major reason for the recent merge in disciplines is the variety severity of security breaches routinely exposed by the media. 

As a result, IT managers in the healthcare, finance, and energy sectors have experienced a growing concern among their own.

A subdivision of the broader IT security field, data storage security specifically focuses on securing storage devices and the systems that operate those devices.

Securing data storage may as well be the last stand against an intrusion. 

However, it’s only an effective line of defense if data storage managers and IT administrators are willing to devote the time and effort needed to execute and initiate the existing storage security controls.

data security

In order to maintain reliable data storage security, IT administrators and mangers must carefully balance three important factors: confidentiality, integrity, and availability. 

This means keeping classified data away from unauthorized users, confirming reliability of the data on hand, and allowing access to accredited users within the organization. 

Administrators also need to be aware of the costs of storage security compared to the actual value of the data being safeguarded. 

It doesn’t make sense to have storage security systems in place that cost more than the data is even worth.

 

On the same note, managers should have storage security systems impenetrable to the point that it would cost potential hackers more money, time, and resources to breach them than the data is worth.

More than just recent data breaches, the array of liabilities administrators are progressively motivated to remove consist of shortage in encrypted systems and incomplete data destruction post deletion.

The setback associated with data destruction after data has been deleted can easily be solved with a SITAD organization.

Secure IT asset disposition firms are gaining popularity as they have gradually proven their effectiveness in helping businesses gain a higher return on their initial investment while keeping data secured during the destruction process.

There are also a number of simple steps that industry experts recommend for organizations that are considering employing storage security practices.

These steps include having specific data storage security policies as well as strong network and endpoint security.

Additionally, any organization that has concerns regarding their data storage security methods should invest in data tape backup.

The benefits of the tried and tested magnetic media storage are crucial when implementing effective storage and adequate backup systems and processes.  

tape seciurity