Freedom and Security

Freedom and Security

0 Comments

By living in the United States, we are blessed with many freedoms such as freedom of speech, freedom of press, and freedom of information. But what exactly is “freedom of information” and how can it really exist with all the current regulations guarding the release of such information?  

The Freedom of Information Act (FOI), is a federal freedom of information law, signed by President Lyndon B Johnsen in 1966, requiring the full or partial disclosure of previously unreleased information and documents controlled by the United States government upon request. 

So can a federal law requiring the release of information upon request coexist with the recent Data Protection Act (DPA) and laws meant to protect our “digital privacy”? 

5 Ways the Freedom of Information Act and the Data Privacy Act Coexist

1. The concepts of “data privacy” and “privacy” are different

The Data Privacy Act (DPA) may not have explicitly defined the terms “data privacy” or “privacy”. Although, we must know that these are two different concepts that function with two distinctive purposes.

“Data privacy” refers to the personal information of individuals, who are mentioned in the law as a “data subject”. These “data subjects” are provided certain rights in respects to the processing of their personal information as well as the security of personal information being processed and accountability for the transfer of information.

“Privacy” as a single concept is not so articulately defined in our laws. Although, in the Bill of Rights “privacy” is stated to be the right of individuals or citizens to be secure in their persons, houses, papers and effects against any unreasonable searches and seizures of whatever nature and for any purpose.

This means is that the “privacy” in the Freedom of Information Act (FOI) operates under different rules and is not necessarily affected by the stipulations of the Data Privacy Act.

As a “data subject” under the DPA, what we should be attentive of is the actual processing of our personal information. Processing is described as any operation or set of operations performed upon personal information including, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

That being said, the act of processing personal information is different from the giving of public access to information in the matter of public interest. Therefore, the act of providing public access to information is not considered the same as “processing” of personal information as intended by FOI and DPA.

Besides, the disclosure and public access in the matter of public interest, is part of the Bill of Rights, as “the right of the people to information on matters of public concern”.

As the rights to public information are stemming from the American Constitution, they cannot just be reversed by the notion of “processing” of personal information provided for by the DPA. In other words, a law simply cannot be made to triumph over a provision of the Constitution.

3. Personal Information in the Data Protection Act does not Include Investigation into Public Officials

There may be certain types of sensitive personal information whose processing is prohibited apart from certain exceptions provided by the law. Looking at what may be considered as prohibited sensitive personal information, refers to any proceeding for any offense committed or alleged to have been committed by a public official.

That means is that if there’s any alleged wrongdoing by a public official, the public official cannot simply claim they have “sensitive information” that cannot be disclosed because there has to be court proceedings first where sensitive personal information may be involved.

4. The Data Privacy Act does not Protect the acts of Public Officials under their Job Function

Information about any individual who is or was an officer or employee of a government institution is outside of the scope of the law. Any such information about the acts of the public official on how he or she has performed his or her functions are not covered by the rights to data privacy.

This means is that the DPA cannot be used to deny access to the information being requested, since the DPA has nothing to do with information. Instead, it is the rules of the FOI that will deal with how this non-disclosure or disclosure of the public official’s personal information will be carried out.

5. Violating Rights to Privacy can Create Civil Liabilities in the FOI, but not the DPA.

The FOI creates liability for damages by any public officer, employee, or private citizen, who obstructs, defeats, violates, or impairs the constitutional rights to be secure in one’s person, house, papers and effects against unreasonable searches and seizures.

What this means is that the public official, whose right to privacy is protected, can sue anyone for damages, who may interfere with the public official’s right to privacy, but not the data privacy referred to in the DPA.

This right to sue for damages for violation of constitutional rights is a broad one, which is different from the right to restitution. Restitution, refers to the restoration of the thing itself, which means a rectification of any error in the processing of personal information by the data subject and nothing else.

Conclusion

At first glance, the right to privacy may defeat the public’s right to information on matters of public concern but this must be distinguished with the right to data privacy which operates under rules provided by the Data Privacy Act (DPA).

The DPA and the FOI do not outrightly clash, but the application of rules in both of the laws may need to be refined and consistent to fully carry out the public’s right to information on matters of public concern.

THREE REASONS TO START PLANNING YOUR IT INFRASTRUCTURE UPGRADE

0 Comments
IT upgrade

Microsoft will soon be ending its customer support for Windows Server 2008. What does this mean for you and your organization?

Well, the end of one era always means the beginning to another. This could be the perfect opportunity to ramp up your production, security, and improvements throughout. 

As much as we all tend to preach about the importance of staying up to date with the latest and greatest equipment in the IT industry, its easier said than done.

That fact of the matter is that more than half of all servers in operating existence are five to seven years old, and using archaic software like Microsoft Windows Server 2008.

windows server 2008
Image Courtesy of Microsoft

In recent news from the Microsoft Ignite conference, Microsoft will stop support for Windows Server 2008 and 2008 R2 effective January 14, 2020.

They also plan to terminate the support service of Microsoft SQL Server 2008 and 2008 R2 on July 19, 2019. If your organization is one of the many businesses that still currently uses these systems, you could be directly affected.

The news isn’t all bad though. Microsoft’s end of service could be the inspiration your organization needs in order to implement a full IT renovation, from up-to-date software solutions to the servers that propel them forward.

Need even more motivation for a data center facelift? We’ve put together three reasons to consider, based on challenges that technology experts are facing and the direct benefits they’re receiving from a well-orchestrated server overhaul.

Image Courtesy of Device42

REASON ONE: YOU’LL BE READY FOR MORE DEMANDING WORKLOADS

Recent surveys conducted with IT professionals and industry leaders suggests that analytics and AI strategy are among their top priorities in regards to infrastructure investments. 

Even more so, enterprise IP traffic is projected to triple by 2020. With these developments, it’s no surprise there’s a growing strain within IT that warrants an updated data center to sustain it.

Let’s be real here, there’s no such thing as “business as usual” anymore. Not just in IT, but in any industry for that matter. In order to stay competitive in any market, businesses must welcome change, and embrace adaptability to stay ahead. In terms of IT, modernization is critical.

According to 71% of those surveyed, the biggest road block preventing their IT transformation is an aging infrastructure. Businesses that currently operate with legacy systems find it nearly impossible to compete. 

Their archaic data centers just weren’t built to keep up with the modern demands of a digital world.

data center upgrade
Image Courtesy ComputerWorld.com

Modernization of your organization’s infrastructure is the most efficient strategy to stay competitive for the long haul.

A well-orchestrated renovation also brings opportunities to take full advantage of recent server technologies such as effortlessly handling workloads that would otherwise bog down any legacy systems.

For instance, new equipment running Windows Server 2019 optimized for Intel Xeon Scalable processors delivers a 4X performance increase over similar systems that are five years older.

REASON TWO: YOU’LL BENEFIT FROM INCREASED SECURITY

It’s no secret that the number of security breaches and cyber-attacks on businesses continue to grow astronomically, creating an impact of almost $2.1 trillion by 2019.

An older and weaker operating system leaves you vulnerable to an overabundance of business-critical attacks. The last thing any organization needs is a list of compliance failures that could result in the end of valued relationships. 

Ensuring your system is safeguarded against ransomware and protecting customer’s proprietary information to GDPR and HIPAA standards is vital.

Having an updated IT infrastructure allows you to deploy the latest security measures for data protection and encryption.

To name a few, Windows Defender Advanced Threat Detection and Intel Trusted Execution Technology, servers are furnished with a collection of multi-layered security resources.

Modern security can be instilled deep within an organization’s infrastructure and therefore out of reach of hackers. With features such as next-gen firewalls, security with software-defined networking, and identity and access management; newer systems create a much larger obstacles in the way of attacks.

REASON THREE: YOU’LL BE READY FOR THE FUTURE

Decrease total operating costs– Organizations that modernize experience up to 69 percent less revenue losses. Maintenance expenses used to maintain aging systems, unplanned downtime, and more abundant power usage all add up.

Simplify your transition to cloud – Studies have shown that by 2020, 90 percent of businesses will have developed a cloud strategy to support mission-critical applications. Updating your IT infrastructure will ensure you don’t get left behind.

Support expanding workloads – Organizations that update their systems have the ability to speed time-to-insight from analytics and AI technologies.
Enjoy the benefits of Windows Server 2019 – the advantages of the server upgrade include improved application platforms, containerization, pervasive encryption, and more

DON’T WAIT TO START PLANNING YOUR INFRASTRUCTURE UPGRADE

Despite the fact that your current legacy system may still be ultra-reliable, you’ll still want to take a proactive approach to planning a server upgrade before Windows Server 2008 support goes away. 

There is still plenty of time to both plan a serviceable upgrade strategy, and to take the steps necessary to complete it.

No matter which modernized options you wish to explore; whether it be hybrid cloud, hyperconverged infrastructures, virtualized networks, or the full capabilities of Windows Server 2019, DTC Computer Supplies can help.

Are Your Electronics Poisonous?

0 Comments

There are thousands of toxic elements found in every day electronics; ranging from cleaners to fire retardants. These toxic elements are in circuit boards, hard drives, cell phones and computer monitor screens. About 40% of substantial metals found in landfills are lead, mercury, and cadmium from electronics that have been not properly recycled. Main contributors to these toxic elements are CRT computer monitors. Recycling these used and surplus electronics equipment, can help stop toxins from culmination in landfills and causing health and environmental hazards.

Common Toxic Elements

Lead – a cause of brain damage

Mercury – a cause of kidney damage

Cadmium – a kidney poison

Brominated Flame Retardants (BFRs) – cause hormone issues and developmental problems

Indium – another major toxin in semiconductors.

CRT and LCD Monitors

Cathode Ray Tube (CRT) TVs and computer monitors contain a large amount of toxins. A typical CTR monitor contains about 4 to 8 pounds of lead. Flat screen monitors and flat screen TVs contain a smaller amount of lead, but must still be disposed of appropriately. Flat screen TVs also have a significant amount of mercury, making them just as damaging as CRTs if not disposed of properly.

Choose a Certified ITAD Vendor

Illegal disposal of IT assets is beginning to gain the interest of industry regulators resulting in huge fines. According to the Comprehensive Environmental Response, Compensation and Liability Act of 1980, companies are responsible for the recycling processes of their retired IT assets. Companies can avoid environmental penalties by ensuring proper, certified disposal of your IT assets with a certified ITAD vendorWe Buy Used IT Equipment has the environmental compliance status required to safely and legally recycle your IT equipment.

As consumers we are ultimately responsible for the products we buy and their eventual disposal. We Buy Used IT Equipment has the environmental compliance status required to safely and legally recycle your IT equipment, avoiding fines from industry regulators. As a leader in the e-waste recycling industry since 1965, our goal is to make sure your It equipment is recycled responsibly and kept out of landfills. You will reap the benefits of our experience and care for your assets as our processes make sustainability and corporate social responsibility easily achievable.

A Practical Guide to Hard Drive Destruction

0 Comments
Hammer Destruction Hard Drives

Hard Drive Destruction

Destruction seems to be an enjoyable activity when done in a purposeful manner. Destroying things such as demolition day on a home renovation or monster truck rallies can be both rewarding and entertaining. The best part is that they won’t come back to haunt you in the future. To the contrary, destroying old computer equipment, if not done properly, can become a nightmare for all involved. Unbeknownst to many, a used computer’s hard drive contains old e-mail messages; credit-card, bank-account, and Social-Security numbers; and plenty of other personal information even after it’s “deleted”.crushed hard drive

In order to ensure data security, a proven destruction technology that is safe, easy to use, and, most importantly, effective is needed. Data-recovery technology constantly progresses day by day. There are many techniques used by the U.S. National Security Agency/Central Security Service (NSA/CSS) that are not top secret, but still allow the recovery of information from seriously damaged hard drives.  The U.S. government is so fearful with the loss or theft of data that the NSA has implemented procedures that warrant hard drives to be demagnetized and burned or otherwise physically damaged prior to disposal. Many other countries have similar guidelines.

Aside from governments securing state secrets, every person and enterprise has old hard drives that should eventually be destroyed.  And don’t think that just because you aren’t a government agency or contractor you don’t need to be vigilant about hard-drive disposal.  There are real risks of information (financial and tax records, Internet purchases, etc.)  falling into nefarious hands, not to mention there is information your competitors would love to see, such as price lists, sales figures, customer data, engineering data, memos drafted in preparation for bidding, e-mails from the president to his mistress, etc.  Aside from damage to one’s reputation, there is the possibility of a lawsuit from an employee, customer, patient, or other individual who claims he or she was harmed by the release of his/her private information.

Although providers in the health care industry, financial institutions, and government/military entities are subject to higher standards of confidentiality, every business has employee records and proprietary information. As little as one hard drive from one computer can contain hundreds of thousands of sensitive documents.  When a file is “deleted” from a computer, the information essentially remains on the hard drive. The same goes for “deleted” e-mail messages and all online search history. Reformatting to original settings or overwriting the hard drive may not be enough to prevent sensitive data from being recovered using the right techniques and equipment.

Methods to the Destructive Madness

Whether a hard drive is really destroyed sufficiently to avoid the salvaging of confidential information is debatable.  Here is a list of some of the safer options for complete data destruction:

Overwriting

“Disk-wiping” software is used to change the stored data into a pattern of pointless characters.

Degaussing

Degaussing is merely the elimination of a magnetic field.  There are two approaches to degaussing.  The first technique passes hard drives through the magnetic fields of powerful, fixed, rare-earth magnets, permanently erasing the data.  The second method uses a powerful electromechanical pulse that instantly produces a powerful magnetic field to permanently erase data from the hard drives.

hard drive degausser

Crushing

This method of destruction destroys drives by exposing them to extreme compression from a pointed steel punch.  These work well for a light volume of drives as they are relatively inexpensive and available in manual or powered set ups. However, unlike degaussing, the data located in the distorted hard drive is still complete, but it is nearly impossible to retrieve.

 

automatic sledgehammer

Shredding

Like the word says, shredders literally rip and tear hard drives to pieces.  This method is very similar to a commonplace paper shredder. Although, hard drive shredders are much stronger and capable of destroying several types and sizes of drives, with the largest destroying up to 2,500 hard drives per hour.

Hard Drive Shredding Services

 The Outsourcing Option

Some businesses may have the confidence to invest in hard drive destruction equipment, knowing confidential information and sensitive data will never leave their facilities. On the other hand, many companies can’t imagine the feasibility of purchasing expensive equipment for the purpose of destroying a few items. Such businesses choose to outsource their hard drive destruction to companies like We Buy Used Hard Drives.

We Buy Used Hard Drives is an asset liquidation firm specializing in buying used hard drives, SSDs, servers, networking, storage, memory and processors. Since 1965, We Buy Used Hard Drives has consistently maintained the highest data security standards. Their spotless reputation ensures transactions are handled efficiently, ethically, and securely from start to finish. Surprisingly, with thousands of transactions processed, they have never had one security breach or data loss.

Whichever hard drive destruction method is chosen for ridding of obsolete equipment, be aware of the fact that they contain toxic materials. As a leader in the e-waste recycling industry for over 50 years, We Buy Used Hard Drives and their parent company DTC Computer Supplies, continuously research options that lessen the chance of environmental pollution.  In fact, some computer components can be reused, and most can be recycled instead of trashed. Data security has always been the priority, but data security and recycling can work seamlessly together.

Like what you read? Please feel free to share our latest article on social media.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Reference:  https://www.semshred.com/contentmgr/showdetails.php/id/2480