Posts Tagged ‘department of defense’

Recycle with data security at the forefront

We live in a world where company and personal information is a highly valued commodity. It is crucial that companies do everything they can to stop their sensitive information from falling into the wrong and most devastating hands.

Recent mega-breaches by the numbers*:

Target: 40 million – The number of credit and debit cards thieves stole from Target between Nov. 27 and Dec. 15, 2013

eBay: 145 million people affected

JP Morgan Chase & Co.: 76 million households and 7 million small businesses affected

CHS Community Health Systems: 4.5 million people affected

Michael’s Stores: 2.6 million people affected

Neiman Marcus: 1.1 million people affected

The result?

Mega breaches are mega expensive! The average cost of a data breach for a company is $188 per record. Based on an average 28,765 records per US breach, one study identified a total organization cost of $5,403,644 per data breach.*

A call for change!

According to eWeek, “An alarming number of widely publicized data breaches is sparking change in the attitudes of business leaders and consumers when it comes to cyber-security. Consumers and regulators alike are demanding more communication and remedies from businesses after data breaches occur. As a result, the topic is one of the highest priorities facing businesses and regulators in 2015.”

Although the spotlight has been on infiltration by a criminal hacker, breaches can happen as a result of a company’s negligence in handling its end-of-life electronics; computers, hard drives, cell phones and all other data-bearing devices.

It is a paradox that while electronic waste is entering the waste stream at an accelerated pace, there’s little to no information on what happens to e-waste in the end – and the chaos that can ensue if not handled properly and responsibly.

By carefully reviewing an organization’s electronics and data disposal process, companies can nip the problem in the bud.

How can we do our part in helping to thwart data breaches?

Make it a top priority to outsource the management of unwanted electronics equipment to those who are qualified and experienced in handling recycling and data security management.

Be sure to use a R2/RIOS Certified, responsible recyling/data destruction company. These are highly regulated companies who achieve the highest level of excellence. Look for other certifications and compliances as well – HIPAA, DoD, NIST, NAID, NSA. For more information, check out WWW.PCSMASS.com

* According to the 2014 Ponemon Institute Report

** In May 2013, the Ponemon Institute released its 2013 Cost of Data Breach Study: Global Analysis (“Ponemon Study”),

News: Draft RFP for NIST/NCCoE Research and Development Center Now Available

Two government agencies (the National Institute of Standards and Technology (NIST) and the National Cybersecurity Center of Excellence (NCCoE)) are looking for input regarding the establishment of a Federally Funded Research and Development Center. Recently, the two agencies released a draft RFP (request for proposals).

According to Federal Business Opporunities, “the purpose of this partial Draft RFP is to improve the understanding of Government requirements and industry capabilities, thereby allowing potential offerors to judge whether or how they can satisfy the Government’s requirements, and enhancing the Government’s ability to obtain quality services at reasonable prices, and increase efficiency in proposal preparation, proposal evaluation, negotiation, and contract award.”

Interested parties are encouraged to respond to the notice in accordance with the attached “Attachment 1- Partial Draft RFP Instructions to Interested Parties.” You can find all of that information on the FBO website.

In addition, The National Institute of Standards and Technology (NIST), National Cybersecurity Center of Excellence (NCCoE) will be hosting an Industry Day on January 8, 2014 for parties interested in the proposed Federally Funded Research and Development Center to engage vendors and federal employees in a discussion about the proposed requirement, the NCCoE, and the forthcoming Draft Request for Proposals (RFP) for the requirement.

The event will be held in Rockville, Maryland and you can find more information about that right here.

According to a release, The Industry Day will focus on the mission of the NCCoE and ongoing and future projects of the NCCoE, along with the Draft RFP for the FFRDC requirement. The Industry Day will also allow vendors to market their relevant capabilities to others in attendance. The Industry Day will first provide all attendants information on the NCCoE, its objectives and its direction.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your data.  PC Survivors of Massachusetts, L.L.C.  (R2) Certified,  86 Finnell Drive Unit 6,Weymouth, MA 02188 /Cell: 781-635-6281 /Office: 781-335-1220 / Fax: 781-335-1499 / www.pcsmass.com

30

12 2013

NIST: The Development of Trusted Identities to Secure Critical Infrastructure

In a post on the White House blog, Michael Daniel (a Special Assistant to the President and the Cybersecurity Coordinator recently explained why “the country’s system of passwords as it exists today is hopelessly broken” and what the  the National Strategy for Trusted Identities in Cyberspace (NSTIC) is doing to fix it.

The NSTIC, Daniel says, has called for the creation of an Identity Ecosystem – an online environment in which individuals can trust each other because they follow agreed-upon standards to authenticate their digital identities.

What this means for individual users is that they will be able to choose from a variety of more secure, privacy-enhancing identity solutions that they can use in lieu of passwords for safer, more convenient experiences everywhere they go online.

The NSTIC also helps multiple sectors in the online marketplace, because trusted identities provide a variety of benefits: enhanced security, improved privacy, new types of transactions, reduced costs, and better customer service. The National Institute of Standards and Technology (NIST) is leading implementation of the NSTIC.

In October, the NIST released a preliminary version of the Cybersecurity Framework, which aims to reduce cyber risks to critical infrastructure.  Daniel explains the framework alongside an executive order from President Obama (Executive Order 13636Improving Critical Infrastructure Cybersecurity,” ) are a pathway to ultimately fixing the problem of identity theft.

While the Executive Order focuses on critical infrastructure, managing identities is a foundational enabler for cybersecurity efforts across all sectors. The NSTIC complements the goals and objectives of President Obama’s Executive Order by promoting the use of trusted identity solutions in lieu of passwords, which will help strengthen the cybersecurity of critical infrastructure. Trusted identities offer owners and operators of critical infrastructure more secure, privacy-enhancing, and easy-to-use solutions to help secure IT systems from potential attack.

This could mean in the future you’d be asked to sign in for any number of accounts or sites using anything from retinal scans, fingerprint-based passwords or most recently thrust into the spotlight with the iPhone 5, facial recognition. The ideas aren’t new, what is is the framework, currently being developed and commented on.

Currently, the NSTIC is facilitating the work of a private sector-led Identity Ecosystem steering group, which is working to develop an Identity Ecosystem Framework in which different market sectors can implement convenient, interoperable, secure, and privacy-enhancing trusted solutions for digital identity, including within critical infrastructure. This group currently has more than 200 members.

Guess what. They’re looking for your input on the preliminary Cybersecurity Framework. You can go to the Federal Register to comment by Dec. 13. (Click here for more information on how to submit comments.)

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your data.  PC Survivors of Massachusetts, L.L.C.  (R2) Certified,  86 Finnell Drive Unit 6,Weymouth, MA 02188 /Cell: 781-635-6281 /Office: 781-335-1220 / Fax: 781-335-1499 / www.pcsmass.com

 

11

12 2013

News: America Recycles Day celebrated on Nov. 15

America Recycles Day may sound like a new holiday but it was founded in 1997 and since then has cause to encourage people to recycle 365 days a year. Given that the United States is second only to China in most trash produced, it may be one of the most important days of the year.

According to the America Recycles Day website, 48,512 people signed up to pledge that they would recycle more going forward.

Sponsored by Keep America Beautiful, America Recycles Days is designated to educate citizens how to recycle in their communities and to renew their recycling efforts.

In a recent opinion piece Mary Beth Calan on Wickedlocal.com, the of Mary Beth Calnan/Belmont Recycling Coordinator of Belmont wrote about the holiday and what Massachusetts residents can do to boost their own recycling production.

It is especially important to follow recycling collection regulations now more than ever. China is enforcing strict standards for waste imports and prohibiting containers filled with contaminated recycling to be unloaded at their docks. These actions have been labeled ‘Operation Green Fence’ and are imposed to protect China’s environment, which has been polluted by the recycling industry. These stricter regulations are having an effect in the U.S. forcing higher standards at the recycling facilities. The contaminated recycling that routinely went to China now needs to be dealt with here.

Don’t focus on recycling more, focus on trashing less. A crazy statement coming from a recycling coordinator, but the goal is to have fewer items go in the trash. It would be better for a family of four to put out one trash barrel with one bin full of paper and one bin full of containers rather than three trash barrels with four bins of containers (mostly single serve plastic water bottles) and four bags of paper. Why? A family of four that has only one barrel of trash is doing a great job of reducing and reusing. They reduce by buying less stuff, buying in bulk, and looking for products that have less packaging. They reuse by donating unwanted clothing, books, and toys, using reusable mugs, water bottles and bags, and renting or sharing items that are used less frequently. Learning how to reduce and reuse results in having less stuff to throw away.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your dataPC Survivors of Massachusetts, L.L.C.  (R2) Certified,  86 Finnell Drive Unit 6,Weymouth, MA 02188 /Cell: 781-635-6281 /Office: 781-335-1220 / Fax: 781-335-1499 / www.pcsmass.com

17

11 2013

Data Storage: The Resurgence of Tape

 

 

While you may drudge up memories of huge computer towers with the mention of tape-based hard drives, they aren’t just a remnant of the past. According to an article over at the Register, tape never died, it was just resting.  Author Bryan Betts says in some cases tape is doing better than ever, especially when used in combination with hard disk, either in a combined backup appliance with deduplication capabilities or as tiers within an archive.

Betts writes a big part of the change in the storage landscape was the huge advances in hard-disk technology and capacity, which for years were not accompanied by equivalent advances in tape technology.

But, with the advent of deduplication – technology looks for repeated patterns in data and stores or transmits each pattern only once, with subsequent copies replaced by a pointer – we are seeing lots more backup to disk.

So while tape has largely disappeared from roles where disk is better suited, such as fast or random access, handling multiple backup jobs in parallel, start-stop usage and deduplication, it has seen something of a comeback in areas where it has unique strengths, such as streaming speed, low-cost media and long-term storage.

According to Betts, the development of tape technology has accelerated since the turn of the millennium, so those strengths once again include high data densities, with the latest LTO-6 generation able to hold 6TB or more of compressed data per cartridge.

But, tape was not without its flaws. In the article, Betts talks to Steve Mackey, vice-president international at Spectra Logic, one of the very few old-school tape suppliers to have survived and prospered.

Mackey says while tape has its merits – it’s highly performant and scalable, it needs very low power consumption too – 1990s tape technology was prone to mishandling – and operators were unlikely to tell anyone if they dropped a cartridge. Plus it might be moved off-site or stored in a room that wasn’t temperature controlled.

But, he says, the reliability of tape has improved 700 per cent in the last 10 years or so. Mackey adds that a hard disk on its own can fail, so they put them in arrays and do backups.

“It is the same with tape. In big content archives you will always have data protection, probably including at least one duplicate. The most valuable data will have two copies in different locations, similar to disk mirroring,” he says.

As tape has come to be accepted as complementary to disk, the need to manage the two and make them play well together has grown.

“The problem is that data growth is faster than the growth of disk capacity,” Frank Reichart, senior director product marketing for storage at Fujitsu says.

All this in turn has brought opportunity and advantage for the developers and users of backup appliances, whether disk-to-disk or disk-to-disk to tape. These virtualize the physical target disk or tape systems and emulate several logical backup devices, typically multiple virtual tape libraries.

In summation, Betts says as well as offering the advantages of both disk deduplication and tape, backup appliances can also process data and build a backup without overloading either the backup or application servers.  He points to future developments, backup appliances that also act as cloud gateways, enabling storage professionals to add external storage as an additional option for backups and archives.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your data.  Give us a call at (781) 335-1220 or contact us online here.

 

08

11 2013

Computer Extortionists Using ‘Ransomware’ Called CryptoLocker

While there is nothing new about ransomware – different forms of it have been circulating since as far back as 1989 – in recent weeks internet security firms have reported a surge in computers affected.

In a recent article posted on the Guardian, one version has been highlighted and is cleverly hidden in an email complaint from a supposedly unhappy customer.

It was from paymentsadmin@lloydsplc.co.uk, and Sarah Flanders, a 35-year-old charity worker from north London, didn’t think twice about opening it. But the email contained software that immediately began encrypting every file on her computer – from precious family photos to private correspondence and work documents. In just a short time all her files were blocked, and then a frightening message flashed up on her screen: “Your personal files have been encrypted and you have 95 hours to pay us $300.”

According to the Guardian article, if infected you will no longer be able open, read or view your files, anyone with the decryption key could easily do so.

That means any of your documents containing passwords or personal information, along with your photos and videos, could potentially be accessed by cyber-criminals – and although there is no evidence of encrypted files being uploaded or sold on for this purpose at the moment, it is theoretically possible.

CryptoLocker currently only affects PCs and can easily be removed with anti-virus software, but its effects cannot. “I don’t think anyone in the world could break the encryption,” says Gavin O’Gorman, spokesman for internet security firm Symantec. “It has held up for more than 30 years.”

Of course, digital security is a major part of what we do here at PC Survivors of Massachusetts. If you’re looking for a safe and secure way to recycle your computers, please check out our services.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your data.  Give us a call at (781) 335-1220 or contact us online here.

31

10 2013

White House Seeking Cybersecurity Framework Comments

In February, President Obama issued an executive order meant to increase the nation’s infrastructure’s capabilities to manage cyber risk. In support of this goal, the order directed the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) to convene industry and other stakeholders to develop a voluntary framework for reducing cyber risks.

Fast forward to Oct. 30, The White House announced the  start of the 45-day public comment period for the Preliminary Cybersecurity Framework.

This announcement represents an important milestone in this collaborative effort to develop the framework, and the feedback received during this period will inform the final version.Already over the past eight months, individuals and organizations throughout the country have provided their thoughts on the standards, best practices, and guidelines that would meaningfully improve critical infrastructure cybersecurity. Some have already begun leveraging drafts of the framework to communicate with their executives and have provided feedback from their experience. Once implemented, the framework would provide businesses, their suppliers, their customers, and government agencies a common language and methodology for determining how they can best protect themselves.

According to a statement posted on the White House Blog, organizations can use the framework to describe their current cybersecurity posture, as well as their target state for cybersecurity. It can also help companies identify and prioritize opportunities for improvement and assess progress toward their goals.

Of course, digital security is a major part of what we do here at PC Survivors of Massachusetts. If you’re looking for a safe and secure way to recycle your computers, please check out our services.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your data.  Give us a call at (781) 335-1220 or contact us online here.

31

10 2013

October is National Cyber Security Awareness Month

bigstockphoto_Network_Access_770549

 

The Department of Homeland Security is celebrating the 10th anniversary of National Cyber Security Awareness month this October as a part of its mission to “create a safe secure and resilient cyber environment.”

In an article over at Digital Journal, we found a few good tips to keep in mind when using social media.

“Once something is posted online, there’s virtually no getting rid of it. When a student posts pictures, adds their current location or divulges other personal information, they are revealing sensitive data about their life that could be damaging if accessed by the wrong person,” the post reads.

  •  Protect passwords. Create strong and different passwords for banking, social media and any other site that requires a login, and don’t share them. Include upper and lower case letters, numbers and symbols. Password-protecting your phone and computer can give you one more step between your important information and thieves.
  •  Be mindful of the information you share with the public. If you wouldn’t be comfortable with your parents or teachers seeing your post, then rethink it.
  •     Buff up on your privacy settings. Change all Facebook settings to “Friends Only” for all posts for a more secure profile.
  •     Consider your phone’s privacy settings. Because your smartphone is like a mini computer, it’s important to protect the information stored in it as well. Turning your GPS location settings off can also keep your whereabouts more private.

 

Of course, digital security is a major part of what we do here at PC Survivors of Massachusetts. If you’re looking for a safe and secure way to recycle your computers, please check out our services.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your data.  Give us a call at (781) 335-1220 or contact us online here.

29

10 2013

The Iron Mountain data destruction settlement is a reminder…

If you advertise a service. If you charge for said service. You’d better deliver on that service.

Last week, the two biggest document shredding companies in the country agreed to pay $1.1 million to the U.S. government for not properly disposing of (shredding) sensitive documents.

Here’s a full story over at the Boston Globe, who reported the settlement was $800,000. Here are a few interesting excerpts from the PRNewswire release.

Iron Mountain Corporation (“Iron Mountain”, NYSE “IRM”) and Shred-It USA (“Shred-It”), have agreed to pay a total of $1.1 million to settle a lawsuit alleging that they defrauded the government by failing to shred sensitive documents as required by their contracts with the United States government.

The settlement follows a multi-year investigation by the United States Department of Justice triggered by a lawsuit filed by Pennsylvania resident Douglas Knisely, owner of a family-operated document-shredding business.

Additionally, according to the allegations in the Complaint, by not using the shredders mandated by the GSA to produce residue particles not exceeding 1/32 inch, Defendants were able to obtain additional revenue by re-selling the improperly shredded government documents to paper recyclers.

As required by statute, Mr. Knisely is entitled to receive a minority share of the government’s recovery for reporting Defendants’ fraudulent scheme. In addition, the False Claims Act requires a Defendant to pay the Relator’s reasonable attorneys’ fees and costs expended in the prosecution of this case.

While we don’t recycle paper, we are into data destruction and we take it very seriously at PCS of Massachusetts. We have the equipment, proper accreditation and capable people to recycle your electronics and destroy your sensitive data responsibly and effectively.

 

 

15

07 2013

National Guard honors electronic recycler PC Survivors

National Guard honors PCS company

PCS of Massachusetts CEO Lisa DiPaolo Bacewicz admist the current stream of electronics in the process of being recycled at her 7500 Sq. ft. facility in Weymouth.

PC Survivors of Weymouth was recently given the Patriot Award, which is given to businesses by the Department of Defense Guard and Reserve to recognize extraordinary support of an employee who serves in the National Guard. The orginal article appeared in the Marshfield Mariner last week.

The Weymouth-based business, PC Survivors of MA, LCC, owned by Marshfield residents Lisa and Charles Bacewicz, employs about a dozen young professionals. One of them is Etzer Aunaxe of Brockton, a member of the National Guard who serves monthly and at times during the year for stretches of several weeks.

Aunaxe takes both his National Guard and private employment responsibilities seriously, Lisa said. When he was hired, Lisa said he was open with his potential supervisors about the occasional constraints of his commitment to national service.

“We never gave it a second thought,” said Lisa. “We believed allowing him to go was the right thing to do and a way we could, in a small way, support the causes of the nation. We also knew that by hiring an experienced guardsman, we got so much more in expertise, skill, loyalty, dedication and trustworthiness.”

20

06 2013