Friday, May 1, 2015

Hard Drive Destruction


Nowadays individuals and businesses alike often ignore the ever growing need to properly dispose of old, no-longer-needed hard drives in a secure and proper manner. 
 
Cases of identity theft and security breaches caused by documents falling into the wrong hands never seem to be too far away from the headlines, perhaps due to the glamorous, almost James Bond like images they conjure up, but hard drive theft is a phenomenon very much on the rise. 
 
With the vast majority of businesses increasingly turning to storing data on computers as well as paper, the theft of data has become easy target and task for identity thieves. Just a couple of months ago for example, the video streaming website VUDU announced that somebody had broken into their premises overnight and stolen computer hard drives containing almost everything a would be identity thief would need to steal a consumer's identity, ranging from names and addresses to dates of birth and credit card information1
 
While many believe that deleting files or wiping hard drives prior to reselling or disposing of them is enough to prevent any information from being obtained by criminals, this is not the case, and anyone with the technical skill or know how can still access any information which has not been totally eliminated. A study conducted by Harvard University's Dr. Simon Garfinkel on 236 hard drives purchased on eBay since 2001 found that only 44 of them (19%) had been properly wiped clean prior to their sale. Dr Garfinkel used readily accessible data retrieval programs to recover information from the hard drives, and discovered thousands of credit card numbers - a charitable gift for any data thief2.  
 
The only absolute way to prevent your business' and your customers' sensitive information from becoming yet another statistic is to securely destroy your hard drives at the end of their lives.
 
PROSHRED is proud to offer On-Site Hard Drive destruction, presenting you with the opportunity to watch your hardware be destroyed in front of your eyes, offering you total peace of mind and ensuring that no sensitive information leaves your premises intact. Capable of shredding up to 500 hard drives per hour, our machines break hardware into tiny fragments and guarantee that all the data is no longer readable. PROSHRED is also  provides you with a dated and detailed Certificate of Destruction upon completion, offering you a hard drive destruction trail should you need it. 
 
Watch our hard-drive destruction process in action!
 

Categories: 

http://www.proshred.com/sites/default/files/Scheduled-Brochure-v2_0.pdf

Corporate Identity Theft


PROSHRED understands that with increasing national and international media coverage and the issue affecting so many citizens in recent times, people often believes the common misconception that identity theft only impacts individuals. Indeed this crime targeting the public is undoubtedly on the rise, with 2012 alone seeing 12.6 million cases of identity theft or fraud in the US1, much less often reported is the fact that businesses worldwide are increasingly falling victim to the crime. Renowned global technology advisor The Aberdeen Group estimates that a massive $221 billion a year is lost by businesses to the epidemic2. With that in mind, it is vital that businesses of all kinds are wary of corporate identity theft and put in place measures to prevent it. 

So what exactly does business identity fraud involve, and who is at risk?
Corporate identity fraud can be defined as the wrongful acquisition of the identity of a business or its information for the perpetrator’s gain. The theft can take any number of forms, ranging from the hacking of networks to access restricted or sensitive documents, to simply collecting improperly disposed of documents from a dumpster. Whatever forms the fraud takes, the outcome is always the same financial and reputational loss for the targeted company.
Both large and small firms can be targeted by identity thieves, with levels of bureaucracy and hierarchy within the former often leading to oversights and security breaches, while the latter often lack the resources or knowhow to avoid such breaches3.

What can be done to combat corporate identity theft?
When it comes to preventing fraudsters from targeting your business, a number of steps can be taken.
  1. Shred sensitive documents which are no longer needed. One simple step, which goes a long way in protecting your organization, is to shred sensitive documents before disposing of them. PROSHRED offers on-site shredding services which fights to prevent private information from leaving your business’ premises, and ensures that no confidential material regarding your company’s accounts or finances fall into the wrong hands.
     
  2. Properly destroy old hard drives. While an increasing amount of media attention is being placed on financial record shredding to avoid identity theft, one area often overlooked is that of hard drive destruction. Even after deleting information from a hard drive, it can still be accessed by those with enough technical knowledge. The only way to totally ensure that no sensitive information is left on an old computer or hard drive is to have them completely destroyed at the end of their lives. PROSHRED offers mobile hard drive destruction services    which ensures there is no way the information on the drives can ever be recovered or abused
     
  3. Protect your passwords. Although this may sound like an obvious suggestion, one far too often overlooked cause of both consumer and corporate identity theft is that of improperly protected passwords. If a fraudster gets hold of your account passwords, they have the ability to defraud your business of vast amounts of money. One example of the effect such a simple security lapse can have on a business is that of law firm Martin & Hillyer LLP, which had its phone system hacked which causes  hundreds of thousands of dollars in long-distance calls racked up by a fraudster who uncovered the company’s phone-system password4. Such an occurrence is easily preventable.
     
  4. Keep a close eye on account and statement activity. Be sure to regularly review company account and statement activity to ensure that nothing unusual is happening and that there are no unexplained activities or transactions occurring in any business accounts. The more vigilant you are the better.
     
  5. Report anything suspicious to the proper authorities. By reporting suspicious activity concerning any company accounts, you are not only ensuring that anything unfortunate is nipped in the bud as early as possible, and that any potential financial losses are minimized, but you are also potentially preventing the fraudster from targeting others businesses in the future


[1]Javelin Strategy. N.p., 20 Feb. 2013. Web. 22 June 2013. <https://www.javelinstrategy.com/news/1387/92/More-Than-12-Million-Identi....
[2] "Identity Theft Statistics." GuardChild. N.p., n.d. Web. 23 June 2013. <http://www.guardchild.com/identity-theft-statistics/>.
[3] Identity Theft Assistance Center. N.p., n.d. Web. 23 June 2013. <http://www.identitytheftassistance.org/pageview.php?cateid=88>.
[4] Prashad, Sharda. "Identity Theft Strikes Small Businesses." Editorial. The Globe and Mail[Toronto] 18 Jan. 2010: n. pag. Www.theglobeandmail.com. 23 Aug. 2012. Web. 22 June 2013. <http://www.theglobeandmail.com/report-on-business/small-business/identit....


Categories: 


http://www.proshred.com/sites/default/files/Identity-theft-infographic.pdf

Friday, March 20, 2015

Environmental Update: Sustainable Workplace Practices


Stakeholders from environmentalists, to policy makers, to employees and even consumers these days put increased pressure for more transparency from businesses on their sustainability practices. No longer is profit the only data required for firms to present, but sustainability reports are of great concern to view as it shows whether the business can handle the responsibility for being more environmentally friendly. Here are some great sustainable business practices that can be implemented in the workplace to help businesses reach their environmental goals.

Use Energy Efficient Electronics

Many companies fall in the trap of reusing aging electronics like computers, monitors, televisions, and even refrigerators in their workplace in an effort to cut down on costs. While replacing equipment can be expensive and time consuming, these outdated electronics may be less energy efficient than newer models. For example, many new electronics today carry an Energy Star rating to show its energy efficiency, with manufacturers today emphasising reducing energy usage on newer electronics[1].  These electronics use less power, and have advanced features such as auto-sleep modes, and auto-dimming which help reduce energy consumption.  For example, newer monitors use LED backlighting which requires less power than CRT monitors. Therefore companies can save energy costs, as well as reduce energy intake while promoting a sustainable environment with the use of these energy efficient electronics.

Proper Waste Disposal

Waste disposal is crucial for businesses to follow, partly due to the large amount of waste produced by businesses. In fact, some of the biggest culprits of improper waste disposal are manufacturing firms in developing countries who frequently dump hazardous chemicals in nearby rivers, which can damage the local ecosystem and wildlife. Proper waste disposal is an ethical endeavour which can help a company look favourably in the eyes of environmentalists, employees, and consumers. Some waste disposal tips in the workplace are to implement recycling bins for paper, plastics, and glass[2] instead of just using garbage bins.  These recycling bins should be kept in a convenient location, and should be easily readable. Proper recycling is crucial as about 80-90% of all workplace waste is actually recyclable[3]. Electronics should also be disposed in a safe manner, not thrown in the garbage. For example, it is advised that used electronics should be donated to others or recycled at specific government recycling locations as it helps preserve the environment from the creation of landfills. Batteries in devices such as laptops and phones should also be properly disposed at key locations as they contain chemicals which can pollute the environment. Businesses can contact their local municipality to find areas for safe electronic disposal.[4]

Employee commitment

For a sustainable workplace to succeed, employee commitment is crucial. There are many aspects of a business’s environmental footprint that are determined by employees. For example, excessive printing is a problem in many corporations, such as in the U.S Government which totals $440 million of wasteful printing a year. [5] Placing more stringent guidelines, and having managers act as environmentally friendly role models by adhering to company policies regarding sustainability, can all help in the reduction of waste from employees. Also, having printing limits, guidelines on how to recycle waste properly, as well as the monitor of proper employee waste disposal will go a long way in ensuring employees act in an environmentally sustainable manner. It also doesn’t hurt to incorporate friendly reminders on the company’s values with regards to the environment around the workplace to educate employees[6]. Finally, rewarding employees for reaching specific recycling targets and for properly following sustainability guidelines can help increase employee engagement. All of these actions to increase employee commitment to sustainability, combined with an emphasis of using more energy efficient electronics and proper waste disposal, help a company to meet and even exceed its environmental responsibilities.
Article by: Arjun Srivas

Thursday, March 5, 2015

Top 5 Data Security Errors Companies Make



















With the rise of information technology, the world of commerce is becoming increasingly interconnected and reliant on an integrated network structure to meet its storage needs. This dependency greatly increases the need for proper IT security to safeguard company information from various cyber security concerns. A single data breach on average can cost a company $3.5 million[1], not exactly pocket change. In today’s world one of the greatest challenges most companies face is implementing a list of controls to ensure company data is safe from accidental deletion, or from cyber theft.
While companies spend millions to implement protective measures, there are still some common data security mistakes most companies make. Here are the top 5 biggest:
  1. Simple passwords

This may sound like an error more attuned with everyday people, instead of multimillion dollar companies, but the fact of the matter is that most small and even big companies generally use simple passwords, often in the name of ease of use. Passwords that may seem suitably strong for some companies, are relatively easy for cyber criminals to hack, with the use of their sophisticated software that can crunch through passwords with ease[2]. Words like “admin” or “user” isn’t exactly the best tool to escape cyber criminals. In fact, some of the most popular passwords are also the simplest[3].

  1. Bring your own device to work (BYOD) 

There is a growing trend of companies allowing employees to bring their own devices to the workplace (BYOD)[4].  While this allows employees to use their favorite smartphones, this also opens up various security issues.  IT departments have less control in standardizing the security in these devices, as they are not built from the ground up to match the company’s security specifications. For example, many smartphones feature connectivity features like Bluetooth, and LTE, which can expose the device to many external threats.  In the case of Android, malware is a common security problem.[5] Personal devices are significantly easier to breach and can allow intruders to access company emails, as well as important confidential documents.


  1. No Backups

This is mainly an issue for small businesses, who do not possess the servers and IT infrastructure of their bigger business counterparts to have reliable backup procedures. Their valuable data is at risk to their hard drives malfunctioning, being accidentally deleted, or due to unnatural events such as a fire. Depending on the nature of the business (especially healthcare), the costs of losing just  1 MB of data loss is huge, at around $10,000.[6] This can be attested to the cost of trying to recover the data, the cost the business faces if it cannot retrieve it, as well as the opportunity cost of the time needed to recover it. While this sounds terrible, what is worse is the loss of reputation, and customer loyalty if they find out that the company lost important data, and it’s hard to put a price on that.

  1. Employee Negligence

Many companies go through great lengths in showing an appreciation for their employees, as they believe a company is only as good as the strength of their workforce. Ironically, a major way for a company to be compromised is through mishaps from their own employees. From accidentally downloading a virus through an attachment[7], to exposing your computer to malware, to accidentally leaving your work laptop open, the possibilities for data breaching through negligence is vast. Even having an employee accidentally reveal his password to a friend can potentially be a security threat. These security threats are especially apparent in today’s work environment, with many employees working from home, away from helpful supervision which could help minimize risks.

  1. Improper Data Destruction

Finally, arguably the biggest error companies make is leaving valuable data for prying eyes to collect. Throwing company documents in the garbage, or putting away your hard drive is not enough, many people resort to garbage searching just to seize this valuable information. A secure shredding method is essential for paper disposal, as this minimizes risk of information theft. Erasing one’s hard drive is not a fool proof plan, as with the right software the data can be recollected. Only a properly destroyed hard drive can ensure peace of mind from any data collection from a third party, especially from someone who is experienced in data retrieval.

Article by: Arjun Srivas