To emphasize the importance of recycling  electronics and in an effort to prevent the release of confidential information in the recycling of outdated technology, ShredDisk recently participated in Carolina Collegiate Federal Credit Union’s fall Shred Day. This was the first year the credit unions offered hard drive shredding to its members.

 

“Our members understand the importance of protecting themselves by destroying important documents. That’s why this year we decided to provide computer recycling and hard drive shredding to this event. We will continue to provide this service to our members and feel like this event will grow because of this service.”

Anne Shivers – CEO Carolina Collegiate Federal Credit Union

If you have any questions about media destruction, recycling technology or hosting a shred day in your community, please contact us through the Get it Shredded page.

On May 25th, WYFF News 4 ran a piece on the fact that wiping a hard drive, or deleting files on it, does not necessarily mean that all the information is really gone for good. They did a FANTASTIC job of getting the point across, and I really appreciate Tim Waller and John Hendon working with us to get the word out!!

Protecting individuals from the risk associated with data storage devices like hard drives, backup tapes and smartphone, is our goal at ShredDisk. Our means of accomplishing this goal is helping corporations mitigate the risk of a data breach inherent with retired data storage devices. We also work with our corporate clients and other strategic partners to offer Community Shred/Recycle Days to reach out to the public. Our clients know our solution keeps their staff focused on their daily activities, while providing a necessary mitigation of the risk of data breach.

Another special thanks to John Hoyt and Homeland Secure IT, who provided the heavy lifting on the file recovery, and was instrumental in the bringing the story to life!

Final thanks to Jason Lynch at Total Training Services for his insight and help!

Remember…”delete” in computer terms does not mean all that you think it does!!

Everybody likes a freebie once in a while, but get ready for a different kind of swag from ShredDisk on May 17th. That’s when we’ll be at Grow Expo for the second year in a row, but this year we’re doing something new. We’ll have one of our trucks INSIDE the Expo, and we invite you to bring your old computer so we can remove the hard drive and shred it while you watch. After you get to see your old data turned into metal mulch, we’ll give you some of the most original swag ever! We’ll also recycle your old computer free of charge!

Grow Expo is sponsored by the Greater Greenville Chamber of Commerce and will be held at the Carolina First Convention Center on May 17th 2011. Tickets to Grow Expo are free and available from exhibitors prior to the Expo. We hope to see you there!

An article in Network World has once again proved that ID thieves are heartless and conniving. This article highlights a study done by Carnegie Mellon Cylab that indicated as many as 10% of children may have had their Identity stolen before they are even old enough to know what credit is. The rate of adults who have their identity stolen is only .2%. Now this is only one study, and obviously there are many variables involved in any study such as this, but man…with all we have to worry about, now this too?!

In order to safeguard your child’s ID, let’s look at some organizations who have access to this precious information. There are the obvious ones, like your pediatrician and the school system, but who else might you have given this information to? Remember when your child got tubes in their ears? That adds at least two more to the list…the ENT and the hospital where the surgery was performed. Have a college fund for your kids? That adds at least two more to the list…the financial advisor and the investment house who runs the fund you invested in.

We could go on and on but you get the point. The more people that have access to your kids’ non-public information, the more likely it is it will be misused. Don’t hesitate to ask your doctor what safeguards they employ to protect information. Same thing with your investment advisor. The simple fact that you asked about it is likely to help them take information security more seriously. The more we all ask, the better security will get. A great example of how everyone pitching in a little bit makes it a lot better for everyone.

There was an article in the New York Times on March 10, 2011. Actually, there were lots of them. But this one particular article describes how the Comptroller for the State of New Jersey stopped a state equipment auction moments before 56 computers were sold to the highest bidder. The Comptroller’s office had just reviewed an audit of computers that went through a certain warehouse in the state before they were made available to the public. Apparently, the state employees in the warehouse didn’t like to use the equipment that destroyed digital data because it was noisy. The larger concern was that auditors had no way of knowing if previous computers through the facility were handled correctly or not. I encourage you to read the article, especially if you need something else to raise your blood pressure today.

The quote from the Director of the Privacy Rights Clearing House, Beth Givens, sums it up best for me. She says, “Public-agency breaches are disheartening because they have so much data, and much of it is sensitive. Data stewardship should be the top priority for them.” Well put Ms. Givens.

So what is your home state doing to protect digital information about you? Being based in the Upstate of South Carolina, we do most of our work in the Southeast, ranging from Washington DC, over to Nashville, TN and on down through the Carolinas and Georgia. Stay tuned…we are going to see if we can figure out just how the states we operate in protect your digital information. We’ll update you soon!

I chose to be in the information destruction business because I wanted to help protect people from the horrors of identity theft. As a part of this business, I spend a fair amount of time educating people on how to protect themselves and their companies from data theft and misuse. In an effort to keep reality at the head of education, my friend John Hoyt and I decided to run a little experiment. John owns Homeland Secure IT in Greenville, SC, and has probably forgotten more about technology that I will ever know. He is also a heck of a good guy. Here is a brief story board of events. Please share this information with others…you may be saving them a ton of trouble!

Near the beginning of March I purchased a hard drive from a computer store here in my town. I asked for the cheapest one they had. It was a used 40GB drive, similar to most any hard drive in any desktop computer. I delivered it to John, who used a piece of software that costs about $100 to recover 194,000 files on the hard drive. There were many excel files, accounting software files, jpeg and mp3 files. While we didn’t open any of the recovered files, their titles indicate they kept very good records on their assets, their family, and even a parents’ medications on their computer. A narrative from John during this process can be seen here. Of course no personally identifying information is revealed in the video, and when we had completed the experiment we used software to completely overwrite all the information on the drive, and it has now been shredded by ShredDisk.

Does this experiment concern you? If you have ever donated, sold, or traded in your old computer, it should. The store did nothing illegal. The drive was formatted as they said it was, and was ready for use. There is no law preventing the sale of used computer parts. The consumer most likely did not understand how hard drive data storage works. They are not alone. Most people I talk with think deleting their files actually deletes them and they can’t be recovered. THIS IS NOT THE CASE! I REPEAT, THIS IS NOT THE CASE!

It is a fine idea to donate your computer or to save on a new computer by trading the old one in. I sympathize with you…there are few people who like to save money as much as me. But the only way to do this and be certain your data is protected is to protect it yourself. Please remove your hard drive beforehand, or have the store remove it and give it to you for destruction. You may lose a little on the trade-in value, but what you protect could save you thousands!

Being a former banker, I am familiar with the daily fight to keep money and information safe. I read an article today that highlighted how sneaky crooks are becoming, specifically in their quest to hack banks. The most recent attempt is targeting Blackberry’s and the two-factor authentication some banks employ to protect them. For those not familiar with two-factor authentication, consider it this way: when you leave home, if you lock your door and turn on your alarm system, you will need two-factor authentication to re-enter the home without the alarm going off. Typically that would be something physical (the key) and something only you would know (the alarm code).

If hackers are going to this amount of trouble to hack phones, you better believe there is a nice pay day for them at the end of the hunt. So it is with all digital information. Please consider where and how you keep digital information for you personally, and your company. Smart phones are wonderful tools, but the information they contain can damage you and your company far beyond the benefit they provide if not properly protected. This is important when they are in service, and when they are retired.

While the fight to protect data while you are using it is long and arduous, retired data can be protected very simply. Watch it get shredded! By the way, ShredDisk shreds smart phones!

I just read an article regarding the cost of data breaches in 2010. The research was conducted by the Ponemon Institute for Symantec. Of the 51 case studies used in the research, the average cost to the company that was breached in 2010 was $7.2 million.

Those are some big numbers, primarily from large companies. If you are a SMB, a more appropriate number to consider might be the average $214 per compromised record, up from $204 in 2009.

Breaches come in many shapes and sizes. As a professional with a banking/security background many come to mind, some are obvious, some not so much. Here are some examples.

Your firewall and/or network gets hacked by a pro.

– You misplace or outright lose customer data on paper or electronic media.
– A critical vendor who maintains your information is breached.
– Your employee accidentally disposes of or shares sensitive data.
– Employee sabotage.
– Former employee with “back-door” access to your system.
– Your standards for data protection are loose or disregarded, i.e. no “clean desk” policy.

When is the last time you took a fresh look at your information security program and practices? Audits and policies are easy to push down the list, but as one of my favorite bands sang…”Once in a while you can get shown the light in the strangest of places if you look at it right”.

Protect your customers, your reputation, and your company…it just makes good sense.

I ran across another sad article, this one published in the online version of Information Security on February 11, 2011. The full article can be found here.

In this instance, a hospital used an outside supplier to transport sensitive information about patients, staff, vendors, and contractors contained on electronic media. Security controls were in place, however some amount of media was stolen. To the tune of 1.7 million non-public records. WOW!

All parties involved are handling the breach in a respectable way, but consider the cost of this breach to the organizations involved. According to the report, the average cost per record stolen is a little over $200 each. That rings up to around $350,000,000 in unplanned expense in this example.

Think you are too small to need to worry about a breach? Multiply the number of your customers, staff, vendors and contractors times $200. Is that figure that would wake you up in the middle of the night?

We at ShredDisk, Inc. hope you never find out. Protect your data!!

According to an article in GSA Business on March 3, 2011 (Greenville men sentenced in counterfeit currency case, Staff Report), more than a few people in the Upstate of South Carolina were given counterfeit $100 bills in exchange for various electronic equipment including computers.

As I thought about that for a minute, it brought to mind the risk the victims of this crime were taking in the first place. I believe it would be safe to postulate that all of these computers still contained the hard drive. If that is true, it would be fairly safe to say that most of these computers contained some kind of information the victim would rather not be made public (online banking info, remembered passwords, tax info, websites you have visited, etc). I would hope that the victims at least “deleted” all of the files they thought were important, but would bet they didn’t realize that with some very basic and free tools that all the “deleted” information could be recovered. Even if you pay for software that overwrites your old data 7 times, you can still only be 99% certain that all your information is truly unrecoverable.

99%. Is that good enough? I love minimizing risk probably more than the next guy, but if that 1% comes back to bite you, it’s going to hurt. Bad. The last figure I saw on an identity theft recovery was upwards of $10,000 and over 80 hours of personal time. That is about 500 times what it costs to have your hard drive completely destroyed as you watch, and your computer recycled in a responsible way.

It should make you think before you sell or donate your old computer. Can I be 100% sure that my confidential information won’t be compromised? What proof do I have? If you aren’t sure, please take an extra minute to find a reputable hard drive destruction company who responsibly recycles electronics. By the way, ShredDisk, Inc. does that!

next ›