It’s important to have a system in place to destroy sensitive data onsite as soon as a device is retired or a hard drive fails. Drives filled with sensitive data that are left in accessible areas of a business are vulnerable to disgruntled employees as well as visitors.
have come across several articles over the past month or so that have talked about risk mitigation. This isn’t uncommon, but there was a recurring theme that I had to address. There has been confusion recently as to who holds more responsibility, the service provider or the company who created the data?
IT asset disposition can be a very time consuming and aggravating process. If not done correctly you risk significant costs (legal fees, fines, etc), environmental violations, and the risk of a data breach. As we have highlighted in other blogs, a solid decommissioning policy and disposition program is the first step in mitigating your risks. It is your IT asset disposal vendor that will make the difference when it comes to the execution phase. We will look at 4 ways that an IT asset disposal vendor can save you money on top of providing data security and compliance.
A malicious attack (hacking, stealing, etc) can cost up to 25% more than a non-malicious attack. However, most data breaches occur due to the negligence from within the organization. This includes, the loss of a mobile device (cell phone, external hard drive), unsecured storage of retired computers, hard drives, and other data bearing devices. Here are a few examples of some recent data breaches that are a product of improper disposal and lost media devices.
Mobile devices have changed the landscape of IT asset management and data security policies. IT managers now have to develop and implement new processes to help to manage, control, and properly dispose of these devices. The biggest hurdle with this is the shifting of power from the IT department to the employees themselves, this introduces a myriad of new risks. Risks such as corporate data available outside of a physical establishment as well as developing strategies for all makes of devices and operating systems.
Over 700 public and private sector individuals participated in establishing the Standards and Procedures of this rigid certification review. The goal of the certification program is to streamline the certification process and increase the ability of women business owners to compete for contracts at a national level.
“Certification provides a marketing opportunity for women business enterprises to participate in outreach programs, “says Lisa Rajaie- VP of Admin of TechR2. “In addition, this program will enable us to develop relationships with larger companies and create opportunities for future partnerships with public and private companies.”
Later this month, the inspector general of the U.S. Department of Veterans Affairs will release a security audit that identifies the IT weaknesses of non-classified government agencies, according to Data Breach Today. Surprisingly, the audit confirmed cyberthreats to the VA from both domestic and international hosts.
However, an expert quoted in the article noted that the same lapses uncovered at the VA are also prevalent in the private sector, and blamed a lack of education for failure to commit to basic security measures.
ISO 27001: What Does It Mean & Why is it Important? [vc_row][vc_column width=”1/3″][vc_column_text] We’re proud to announce that TechR2 has received ISO 27001 Certification. We’re
Compliance: Privacy Regulations Based on Industry [vc_row][vc_column width=”1/3″][vc_column_text]Protecting your brand and reputation is crucial to every organization as the number of data breaches is constantly
The High Cost of “Free” Data Destruction IT asset disposal made headlines around the world last week when the UK Information Commissioner’s Office (ICO) fined
Schedule a call at your convenience
We do a discovery and consulting meeting
We prepare a proposal
