(re) blog: dialogue with Redemtech

EU Proposed Data Security Regulations Stir Debate, Controversy Around the Globe

Bart Porter — Thu, 02 Feb 2012 05:27:03 -0800

The European Commission last week proposed significant changes to the European Union's data protection laws in a move that prompted controversy and a lot of discussion in support and opposition. The commission said its intent is to enable users to maintain control over their personal data, but as specifics are being analyzed around the globe, some businesses and groups are critical of the planned directive, while others complain that the measures won’t be enough to resolve serious data security issues.

As with the recent European Parliament vote to approve legislation intended to strengthen the recovery of electronic waste while tightening exports of used computers to developing countries, which was discussed in an earlier blog this week, news coverage and analysis of the data privacy announcement has been extensive in both Europe and the U.S.

According to an article appearing in Computer Business Review shortly after European Union Justice Commissioner Viviane Reding announced the proposed changes to the 1995 Data Privacy Directive, critics already were saying many of the proposed measures are an unnecessary burden, especially for small businesses, while others maintained that industry best practices are already at work to address the issues.

A news story appearing in Gov Info Security said data security and privacy officers for global organizations can expect to perform more work if the proposed reforms become law. The regulations would require businesses operating in Europe to write formal information security policies and there would be additional requirements, documentation and new procedures for global organizations to put in place, the article stated.

The effort to update the EU’s 17-year-old data privacy laws are intended to unify data protection laws across all member countries, improve online defenses and reduce bureaucracy, an eWeek news story reported, but technology companies said the legislation, if approved, would be almost impossible to implement. The proposed changes would impact companies based abroad but that have branch offices and subsidiaries within the EU on how they manage and secure the data belonging to customers and employees.
The impact of the measures on U.S. companies was examined by ZDNet, where Reding was quoted as saying: “Companies that suffer a data leak must inform the data protection authorities and the individuals concerned, and they must do so without undue delay.”

Organizations will find it difficult to identify and carry out data breach notifications within 24 hours, as proposed in the new legislation, industry experts warned in a Computerworld UK article, as analysts explained that the new laws would require all companies and organizations to notify the national supervisory authority and affected citizens of any serious data breaches within 24 hours. Proposed fines of up to 2% of global turnover for serious data breach violations alarmed many companies, according to a story on the BBC. Reding suggested that companies that charged a user for a data request could be fined up to 0.5% of their global turnover, noting that the sum could double if a firm refused to hand over data or failed to correct bad information.

As businesses and government organizations absorb the impact of the announcement, Kelly Fiveash’s column in The Register yesterday noted that the UK government is one of the most vocal of the 27 member states' opposed to some of the proposed rules. Indeed, UK Information Commissioner Christopher Graham immediately expressed concern, claiming the proposed legislation does not reflect the realities of data protection. “The commissioner believes in a number of areas the proposal is unnecessarily and unhelpfully over prescriptive. This poses challenges for its practical application and risks developing a tick-box approach to data protection compliance,” according to a new Information Commissioner’s Office (ICO) document highlighted by V3.

While the European Commission claimed that the sweeping changes will save businesses billions of dollars by reducing their administrative burden and grant people the right to wipe their information from a social network, companies would have to get customers' explicit permission to collect data and explain its specific use. Many organizations are bothered by the proposed “right to be forgotten” element of the legislation that would permit people to ask for facts about themselves to be deleted from the web and mandate publishers to comply unless they can show a “legitimate” reason not to comply.

Tech policy researcher Jerry Brito’s blog in Time magazine compared this to the “memory hole” in George Orwell’s novel 1984, in which factual records were destroyed to hide truths. The new law “would flip the traditional understanding of privacy as an exception to free speech. What this means is that if we treat free expression as the more important value, then one has to prove a harmful violation of privacy before the speaker can be silenced. Under the proposed law, however, it’s the speaker who must show that his speech is a ‘legitimate’ exception to a claim of privacy. That is, the burden of proof is switched so that speakers are the ones who would have to justify their speech.”

And Jane Yakowitz, visiting assistant professor of Brooklyn Law School, in an online posting reported in Information Week, called the legislation “a misguided attack on the information economy." Yakowitz wrote: "The right to be forgotten unequivocally favors the interests of the data subject, no matter how selfishly motivated, over the interests of data controllers and other consumers. Moreover, by making the right of erasure inalienable, the EU prevents its own citizens from participating in a business model that allows consumers to trade their information for stuff they want--convenience, discounts, or content."

Amid the swirling opinions, businesses are expected to lobby heavily for amendments that benefit their interests and reduce the long-term workload anticipated as part of the new regulations. Tech News World noted that business representatives and groups are descending on Brussels with the hope of softening some of the restrictions. Meanwhile, privacy advocates are on hand to keep the new proposed legislation on a path that they say will protect consumer personal data.

You can look at current data security regulations and laws at the Redemtech website. What do you think of the new European Union proposed data security and privacy regulations?

European WEEE Recast Could Influence U.S. E-waste Legislation

Bart Porter — Tue, 31 Jan 2012 04:53:20 -0800

Two equally groundbreaking and potentially earth-shattering regulations recently rocked Europe that will impact Redemtech’s customers in the U.S. and abroad in the coming years and have a profound influence on our industry. One regulation regards the proper disposal of electronic waste, which is one of Redemtech’s primary social and environmental causes, while the other affects data security and the privacy of customer information.

The European Parliament recently approved legislation intended to strengthen the recovery of end-of-life computers and other e-waste while tightening exports of used goods to developing countries. Legislators adopted a revamped Waste from Electrical and Electronic Equipment (WEEE) Directive to address the e-waste crisis in Europe, where only one-third of WEEE is recycled and half is exported.

The update of the 2003 WEEE Directive gives European Union states until 2021 to reach new targets in an effort to improve e-waste disposal. Specifically, member states will need to increase their collection of e-waste beyond the current flat-rate target of 4kg per person per year, so that by 2016 they will instead have to collect 45 tons for every 100 tons of electronic goods sold during the previous three years. By 2019, the target will rise to a collection rate of 65% of sales from three years previous, although countries have the alternative of collecting a comparable figure of 85% of all e-waste generated.

News coverage of this major development, which has been in the works for a very long time, was considerable in both Europe and the U.S. An article appearing in Let’s Recycle noted that the WEEE sector has largely reacted positively to changes to the directive. Officials for companies that currently operate some compliance schemes said the changes are a positive step forward for WEEE systems across Europe. In addition, as was highlighted in TechWeek, the revised directive will require e-waste exporters to demonstrate that their goods are being shipped for repair or legitimate reuse.

As a global company, this is of particular interest to Redemtech, which has its UK facilities based in Cranleigh, Surrey, because zero e-waste export best practices have been a part of the company’s environmental policy since 2004. The UK government reportedly will work on necessary amendments to the UK WEEE regulations later this year, according to a spokesperson for the UK Department for Business, Innovation & Skills.

An article appearing in In the News stated that UK businesses in the meantime must also adhere to the UK WEEE directive that came into effect in January 2007 and also strives to minimize the damage caused to the environment through the disposal of e-waste while encouraging recycling and recovery. One of the first steps to responsibly recycling e-waste is to select a recycling organization such as Redemtech UK that strictly adheres to this legislation.

While many e-waste recyclers and other businesses expressed satisfaction that a decision finally has been made, the Ministers of European Parliament (MEPs) were criticized by others for approving the revised rules without including any provision to promote the reuse of old equipment. Critics bristled, saying the MEPs ignored calls for a separate target to encourage the reuse of old electronic equipment that could be refurbished, according to a news story in Business Green.

Redemtech is a leading proponent of extending the lifecycle of existing computers through reuse. It is the company’s belief that sustainable computing should focus on extending IT equipment lifecycles and helping customers to capitalize on opportunities for reuse, which also reduces the need for more computers to be manufactured – a process that consumes many resources and energy.

It was interesting to note that MEPs also focused on preserving rare earth metals and other raw materials that end-of-life electronics contain in discussion after passage of the WEEE recast. German MEP Karl-Heinz Florenz was quoted in Recycling International as saying, “Europe will now recover more raw materials, which is excellent news both for the economy and the environment,” while European Union Environment Commissioner Janez Potočnik said: “In these challenging times of economic change and rising prices for raw materials, resource efficiency is where environmental benefits and innovative growth.”

Sabine Wils, another German MEP, wrote in Public Service Europe that the WEEE recast is the culmination of a lot of effort to enact change across Europe. “For a long time, the industrialized nations have been living beyond their means. People in developed countries maintain this unsustainable lifestyle at the expense of poorer countries. The EU's dogma of unlimited and perpetual growth suggests to consumers that they should buy new electronic products more often, in order to keep the economy ticking over,” Wils wrote. “The new EU directive on waste electrical and electronic equipment now addresses part of the problem. It sets common objectives and parameters for the treatment of this waste.”

The regulatory changes in Europe should be of significant importance to American companies, too, because the WEEE recast impacts their operations across the pond and gives some idea of what Redemtech hopes will be national legislation in the U.S. for e-waste regulations in 2012. The Responsible Electronics Recycling Act and other proposed legislation seek to restrict e-waste exports, promote fair trade and encourage investment in domestic recycling infrastructure, all of which Redemtech heartily supports.

My next blog will cover the European Commission’s proposed changes to the European Union's data protection laws in an effort to enable users to maintain control over their personal data. If approved, the changes to the 1995 Data Privacy Directive would address advances in technology and increasing threats to data security.

What do you think of Europe’s new WEEE recast? Other e-waste regulations are provided at Redemtech’s website.

Poor Data Security is Bad Medicine for Healthcare Industry

Bart Porter — Thu, 08 Dec 2011 11:45:51 -0800

The Ponemon Institute recently released a new survey of the healthcare industry examining data security issues, particularly breaches, and their relationship with regulatory compliance, response plans, medical identity theft and the growing use of mobile devices. Results of the survey of 72 healthcare organizations revealed a shocking 32% increase in data breaches. The three leading causes of data breaches were identified as lost or stolen equipment, errors by third parties and employee mistakes.

Although the second annual study is focused entirely on data security in the healthcare industry, the central message – that off-network data breaches not only continue to occur, but are increasing - is a wake-up call applicable to many other industries as well.

Some of the statistics from the study relate their own message, starting with a most significant number in connection with portable, data-bearing devices:

• 49% of healthcare organizations said that lost or stolen devices were to blame for data breaches

Other data of importance highlighted in the Ponemon study:

• 96% of all healthcare providers say they have had at least one data breach in the past two years
• On average, healthcare organizations said they had 4 data breach incidents during the past two years, an increase from 3 breaches per organization in last year’s survey
• 46% of respondents blamed third-party error, including business associates, for breaches
• 41% identified unintentional employee action as the cause for breaches
• The annual cost to the industry of these data breaches is estimated at $6.5 billion annually
• The average economic impact of a data breach during the past two years is approximately $2.2 million, an increase of about $200,000 from last year’s study
• The average number of lost or stolen records per breach was 2,575, an increase from an average of 1,769 reported in the previous year
• 60% of respondents said that medical billing personnel in their organizations do not understand the importance of patient data protection
• 58% said IT personnel do not understand its importance, compared to 58% of respondents who say administrative personnel understand the importance of protecting patient data
• 81% of healthcare organizations report that they use mobile devices to collect, store and transmit some form of Personal Health Information (PHI)
• 49% of respondents said their organizations do nothing to protect mobile devices

News coverage of the Ponemon study has been plentiful, offering additional insight into the findings. Help Net Security, for example, noted that the $6.5 billion that data breaches are costing the U.S. healthcare industry would be comparable to hiring more than 81,000 registered nurses or funding 216 million flu vaccinations.

An article in Dark Reading focused on the explosion in mobile devices in the healthcare sector. Noting that more than 80% of healthcare organizations employ mobile devices for gathering, transmitting and storing patient information, the article compares that high number with the 49% that are not securing the devices. While mobile devices help patient care, they also pose a major risk of exposure for the patient's health and other personal information, Ponemon said in the article.

A news story in eWeek also quoted Ponemon. "Healthcare organizations are either complacent about data responsibilities or are under-resourced,” he told eWeek. "Data breaches don't have to be large to be significant. Small leaks can become big leaks pretty easily."

Redemtech greatly values the research the Ponemon Institute conducts each year and has worked closely with the organization in the past to convey the seriousness of data security threats. The numbers presented in these surveys add up to one sum result: Many of the most damaging and costly data breaches involve poor off-network security.

Don’t Shoot or My Computer Will Poison You!

Bart Porter — Mon, 05 Dec 2011 04:13:11 -0800

While it often is noted in the trades and mainstream news media that the improper disposal of old electronics presents serious environmental problems, I don’t often run across articles that connect the disposition of e-waste with firearms and the frontier spirit. One recent newspaper article, however, conjured some distorted images of Old West cowboys opening fire on defenseless computers.

As bureau editor for the Redemtech news editions, I see a lot of interesting e-waste stories from resources large and small. When I find something particularly unusual, I often delve deeper for edification on aspects that I think will interest our readers.

The article that got me thinking about High Noon shootouts with high-tech hardware came from a modest publication in southern Utah, not far from the Arizona and Nevada borders. The story in the St. George Daily Spectrum reported that electronics recyclers in Utah say they sometimes find abandoned computers, monitors and TVs – or what’s left of them - in less-populated areas where target shooting is done.

Anyone who has traveled along the rustic back roads of most any state is liable to come across sanctuaries for gun enthusiasts and hobbyists, where the remains of nondescript inanimate targets may be found. A lot of old western movies depict cowboys learning to draw their Schofield Revolvers and quickly fire at glass bottles perched on a boulder just outside town or tin cans propped up on an old rail fence. Evidently, this (target) practice has evolved with the changing times and people now take their unwanted or obsolete hardware out to a bucolic setting to shoot at it.

Long before I collaborated on The Essential Cult TV Reader, producing a pop culture analysis of a cherished and lively but, unfortunately, short-lived western television series, I had a love for all things associated with the Old West. With family residing in Wyoming, Utah and Colorado, I’ve satisfied my predilection through visits to historical sites associated with infamous outlaws and gained a greater appreciation for the frontier spirit, which explains how I can easily envision the rural target shooting scene described by those recyclers.

Still, I find it odd that electronic waste is viewed as a suitable target, regardless of any harsh feelings toward the encroachment of technology, the loss of human interaction or that stupid laptop that just suddenly stops delivering the cherished download of Rio Bravo just as John Wayne finds out that Ward Bond has been gunned down.

What modern-day shootists may not realize is that there is no home on the shooting range for computers. Monitors, TVs and other IT hardware that may make tempting targets can get revenge beyond the grave, so to speak, by spilling toxins into the natural environment. These poisonous substances leak into the soil and groundwater and can have horrific long-term consequences on human life.

Unlike the traditional Old West saloon gal with the heart of gold, e-waste is not good on the inside. It contains lead, cadmium, mercury and a bunch of other toxic chemicals you don’t want to find in your watering hole.

People often dump things in the middle of nowhere that they don’t know how to otherwise dispose. Others may know how to dispose of e-waste, but don’t want to pay for the processing. Recently I surrendered a retired 13-inch television that had shown me many an old western to a charitable organization that was hosting a recycling drive. I paid a dollar a screen inch for its disposal, which was a small price to have assurance that the TV wouldn’t wind up in a landfill.

Before attaching a bull’s eye to that outdated monitor, it would be wiser to see if there’s something a little more constructive to do with the hardware, such as recycling it so that its toxic vengeance is minimized.

In his last movie, The Shootist, John Wayne told a young protégé that it’s easier to shoot at something that’s not shooting back. Like some outlaws in an old western, e-waste may look harmless, but it can strike back when you least expect.

Reaction to FCC Connect to Compete Announcement Overwhelming, Encouraging

Bart Porter — Thu, 17 Nov 2011 07:03:23 -0800

Redemtech’s critical involvement in the Federal Communications Commission’s (FCC) Connect to Compete initiative created quite a stir in the national mainstream and industry news media during the past week as news of the company’s Red Rabbitt brand of refurbished computers being made available to low-income families for $150 reached nearly 1,000 media outlets in recent days.

After initial coverage in several major news outlets when FCC Chairman Julius Genachowski announced the initiative on Nov. 9, including USA Today, the Los Angeles Times and the Washington Post, Redemtech’s involvement was noted by numerous news services, such as Reuters and the Associated Press, which reprinted the scoop in news outlets across the U.S. and around the world.

The gist of the news was a positive message: Redemtech has joined the Connect to Compete initiative created by the FCC to improve digital literacy in underserved communities throughout the U.S. Redemtech is the chosen provider of low-cost, high-quality refurbished computers, augmenting broadband access, training and technical assistance from other Connect to Compete partners.

Jill Vaské, Executive Vice President of Redemtech, who attended the FCC announcement in Washington, D.C., was quoted in several places, such as Digital Journal. "We are excited that our low-cost Red Rabbitt refurbished computers will enable Connect to Compete participants to get online. This is an opportunity for American corporations to securely distribute surplus computers through Redemtech to American citizens without compromising their financial returns, " Vaské said.

In the Columbus Dispatch, the hometown newspaper for Redemtech’s headquarters, the company’s major role in the $4 billion program to narrow the digital divide was further examined. “It’s a wonderful convergence of opportunity. We’re addressing the needs of the business marketplace and providing fully refurbished computers to a marketplace that’s really underserved today — there’s a very large number of Americans who don’t have low-cost access to the Internet,” Vaske was quoted as saying.

News coverage is one thing — a good thing — but editorial and opinion pieces condoning the company’s efforts is a whole other animal.

The Pocono Record published an editorial saying a plan to offer low-cost Internet service to low-income families nationwide is a good one. The FCC took the lead in Connect to Compete to link more homes to broadband. The goal is improving educational and job opportunities. Redemtech has offered to sell refurbished computers for $150. Connect to Compete represents a productive alliance between government and private enterprise to improve the lives and brighten the futures of a sector of the population that is struggling, the newspaper opined.

In the Yakima Herald-Republic, an editorial stated that one important 21st-century issue is access to computers in general and the Internet in particular. Cash-strapped families can't always come up with the money for a computer and broadband service, even in areas where the latter is available. “Redemtech, a national company that among other things recycles computers, will offer refurbished PCs for $150,” the editorial explained. “We hope qualifying families get the word about these services, which find government and business working together to identify a need and taking welcome steps to fill it.”

And the St. Petersburg Times wrote an opinion piece that said” “Not only will millions of poor families benefit, so will the country. Enabling poor students to do their homework at school without having to go to a public library and sign up for computer time will help them to have a fairer chance at the American dream, which is increasingly predicated on technological savvy. And that will deepen the pool of talent for America's future.”

In another expression of a positive opinion, Gartner researchers have published a First Take report titled FCC's Initiative to Bridge the U.S. Digital Divide Offers CSR Opportunities, in which the FCC’s Connect to Compete initiative is praised for offering opportunities for corporate social responsibility programs. Redemtech is enduringly involved with CSR efforts tied to our Serious Good program that unites business customers, partner non-profit organizations and communities in an ongoing collaboration to provide refurbished computers to organizations that have an ongoing need for equipment to support their programs and members.

In the report, Gartner writes that as the sole supplier of low-cost refurbished PCs, “Redemtech will likely seek out large volumes of used PC assets. This could benefit enterprises looking to develop a successful ITAD strategy in concert with their corporate social responsibility (CSR) organizations.”

The report goes on to say: “Enterprises may see higher returns from this lean, direct sale, which eliminates the wholesaler, while also assisting low-income families with bridging the digital divide.” Moreover, Redemtech’s free back-end recycle offer “will certainly demonstrate a ‘best effort,’” the Gartner report states.

A news story appearing on MSNBC stated that the $150 laptops “may be the program’s more enduring legacy. The FCC struck a deal with Redemtech, an Ohio-based business that helps companies sell their used computers or donate them to charities like Habitat for Humanity for a tax write-off. These businesses can now donate them to the FCC program as well. The price reflects the cost of refurbishing the machines. Jill Vaské, Redemtech’s executive vice-president, estimates the company can provide 150,000 to 200,000 computers in 2012, and 1 million the year after.”

Below are some of the other news articles that have been published and posted about the FCC announcement since it was made last week. Additional information will be provided through a special company news edition distributed to customer-subscribers.

FCC Unveils Broadband Plan for Low-Income Households
PC Magazine, 11-09-11

Cheaper Broadband, PCs Coming to Low-Income Families
Reuters, 11-09-11

Discounts to Put Internet Within Reach
Omaha World-Herald, 11-10-11

Comcast, Cox, Others to Help Close 'Digital Divide'
Billing & OSS World, 11-10-11

FCC and ISPs Join to Get Low-Income Families Online
E-commerce Times, 11-10-11

FCC Offers Discounted Broadband To Low-Income Families
NewsFactorNetwork, 11-09-11

FCC Offers Broadband to Low-Income Families
eWeek, 11-10-11

FCC Unveils Plan to Provide Broadband to the Poor
TechSpot, 11-09-11

Redemtech to Help Low-Income Families with FCC Connect to Compete Initiative

Bart Porter — Wed, 09 Nov 2011 11:09:44 -0800

The Federal Communications Commission (FCC) today launched a $4-billion program to make computers more affordable for more than 25 million mainly low-income Americans while narrowing the digital divide. According to USA Today, Redemtech is playing a key role in the FCC Connect to Compete initiative by offering $150 laptop and desktop computers with monitors in support of the program. Redemtech's Red Rabbitt® PCs will be specially designed for first-time users and include preloaded educational and careers content as part of the national effort to boost education and employment.

The issue of the digital divide has been important to Redemtech for a long time and precipitated the company’s ongoing efforts to provide Red Rabbitt IT equipment to qualifying Habitat for Humanity families across the U.S. These donations illustrate a commitment to helping people live and work better in an increasingly high-tech world where broadband access is no longer a luxury, but a necessity for achieving educational and career objectives.

According to the abundant news coverage of today’s FCC announcement, such as that which appeared in this morning’s Washington Post, the program will provide low-income homes with $150 computers and $10 monthly broadband Internet service. “The plan aims to solve one of the more vexing problems in the government’s quest to connect all Americans to the Internet,” according to the Post.

Similarly, Reuters noted that eligible families will be able to sign up for the program during a three-year window starting early in 2012 in some areas, with the offer going nationwide by next September to coincide with the 2012-2013 school year.

In its coverage, the Los Angeles Times quoted FCC Chairman Julius Genachowski as saying, "We're at a time of real challenge in the economy, and broadband access is becoming increasingly vital to participating in it.” Since the program is aimed at providing qualifying residents with greater access to both professional and educational opportunities while expanding consumer demand for the online marketplace, the effort should stimulate the U.S. economy as well, Genachowski said.

“The cost of not adopting broadband, the cost of exclusion is high and getting higher,” Genachowski said in a telephone interview reported in another Washington Post article.

Redemtech launched its Red Rabbitt brand of refurbished computers and accessories in 2009 and has earned a reputation for supplying charitable organizations with high-quality IT equipment as part of a larger strategy to extend the lifecycles of equipment. As a vital part of the new FCC initiative, Redemtech is pleased that equipment that might otherwise have had a less successful end is instead making a difference in Americans’ lives.

Click here to learn more about Redemtech and the FCC Connect to Compete program.

News Media Tracks Explosive Growth of BYOD

Bart Porter — Mon, 12 Sep 2011 10:38:41 -0700

IT Consumerization or Bring Your Own Device (BYOD) has become more than a trend for modern businesses as an increasing number of employees bring personal devices into the workplace. Jill Vaske, Redemtech’s Executive Vice President, said in Can Corporate IT Adapt to the BYOD Trend? that BYOD will no doubt drive major changes in corporate IT and asset disposition policies. Industry and mainstream news media have been buzzing about the topic for months. This major development raises many questions that are important to Redemtech customers, including:

The impact of BYOD on customer and shareholder satisfaction as well as costs and security. Read BYOD: To Bring or Not to Bring
How BYOD affects e-waste recycling and sustainability issues. Read BYOD and Sustainable IT: The Good, The Bad, The Problematic
Employer sponsorship, support and control of BYOD initiatives. Read Bring Your Own Device Calls for Compromise
The associated risks of protecting and supporting information assets. Read BYOD: Risks to Reason

The nucleus of the BYOD movement includes portability, ease of use and end-user convenience, representing a new way of thinking about work. The leap from heavy-duty, company-provided equipment to handy, lightweight and portable, personal devices like smartphones and tablets has major implications that may take some adjustment in thinking and working.

According to ESG Research, 55% of large organizations say they are experiencing "significant growth" of “alternative endpoint computing devices” and the biggest driver is "end user demand for different/alternative devices." Aberdeen Group researchers estimate that about 75% of businesses now have developed BYOD policies.

Rob Preston, Editor in Chief of InformationWeek, emphasizes that IT consumerization “isn’t just a fad” and that “It's already accepted that 20-somethings are far more inclined than previous generations to download their own Web apps and use their own devices to get work done.”

An article appearing in IT World earlier this year showed how quickly BYOD has grown: “The phrase computerization of IT has been floating around for the past two or three years. Initially it had a somewhat derogatory and dismissive meaning, describing organizations that were allowing consumer devices and online services like iPhones and Twitter to find accepting homes in a business environment (either explicitly or unintentionally)....A lot has changed in the past few years. Keeping the consumer-type technologies out of the workplace simply isn't feasible these days.” With worldwide tablet shipments estimated at 250 million units in 2017, and Gartner predicting that by 2013 80% of businesses will support a workforce using tablets, it’s clear that the BYOD advance is very likely to continue.

A more recent IT World article, headlined “The Inevitable BYOD Revolution,” shows just how much has changed as more businesses embrace BYOD: “The Bring Your Own Device revolution is upon us, and it seems inevitable that the rank and file will be making the decisions about what they will be using to access the corporate network” IT can’t be steamrolled by the BYOD revolution, and it has the responsibility for care and control of enterprise computing assets. If end users insist on choosing and using their own devices, IT must still be able to apply policy and best security practices across devices: limiting access through virtual private networks, keeping corporate apps and data in a virtualized desktop infrastructure, and applying a strong data loss protection regimen would be a start.”

A playbook of sorts for organizations considering a Bring Your Own Device model was introduced by an oft-quoted article in Forbes, which urges businesses not to “just say no” to BYOD or employee-preferred devices, noting that end users are more productive when they have a voice on the tools they use and how they are supported. Forbes also urged businesses to listen to their end users and create an internal customer advisory group to: allow end users to explain what they want and what they don’t; research and test your approach; and document and communicate a clear set of policies and guidelines for end users.

Other sound advice on BYOD can be found on Gigaom, which offers: “Fence your data, not your people” and “Keep company and personal data separate.” While admitting that it’s not easy to integrate mobile devices into enterprise environments, since smartphones and tablets essentially weren’t designed for business users, the Gigaom article also notes that mobile consumer devices make it much easier for business users to stay connected to social networks, which has grown significantly in importance during the past year.

An article headlined “The Influence of Mobile on Social Marketing’s Future,” that appeared in eMarketer, cited surveys that asked respondents which social media efforts would have the greatest effect on their company. More than 17% of respondents said more usage of social media on mobile platforms and another 12% cited uptake of mobile location-based social networking. A Gartner report found that 33% of employees admit to using their personal devices to connect to social media while at work. Gigaom notes that each one of those employees has the potential to positively or negatively influence a company’s brand on social networks and asks, “Why not turn that uncertainty into an advantage by training all of your employees to become brand ambassadors?”

As all of these news and feature stories indicate, BYOD deserves the attention of forward-thinking businesses. Mobile technology has always been a business investment that could be utilized to deliver the best value to meet the demands of an increasingly changing workforce. The introduction of consumer technology provides employees with a stake in the technology resources they use, along with a sense of ownership and empowerment. The result can be greater interaction, higher productivity and increased employee satisfaction. Equally exigent are the customers’ questions of risks and benefits of BYOD to data security, lifecycle management, technical support and the environment. Redemtech can provide the answer to those questions.

U.S. Government Task Force Electronics Stewardship Strategy Gets Mixed Reviews

Bart Porter — Fri, 22 Jul 2011 08:37:12 -0700

Earlier this week, the Interagency Task Force on Electronics Stewardship, along with the White House Council on Environmental Quality; U.S. Environmental Protection Agency (EPA); and U.S. General Services Administration (GSA) released a report outlining a National Strategy for Electronics Stewardship.

The strategy was prompted by President Obama’s call in November 2010 for federal agencies to step up their environmental efforts. Officials announcing the strategy during a stakeholder briefing said the policy aims to promote the U.S. e-waste recycling industry and create green jobs, as well as reduce harm from U.S. e-waste exports and improve safe handling of used electronics in developing countries.

The National Strategy for Electronics Stewardship provides four overarching goals:

Increase safe and effective management and handling of used electronics in the U.S.
Reduce harm from U.S. exports of e-waste and improve safe handling of used electronics in developing countries
Build incentives for design of greener electronics and enhance science, research and technology development in the U.S.
Ensure that the U.S. government leads by example

Read a breakdown of each of the action items of the four objectives below.

Reactions from environmental groups were subdued, with many saying the most significant issues of e-waste exports were not sufficiently addressed. In a Basel Action Network (BAN) announcement, Barbara Kyle of the National Coordinator of the Electronic TakeBack Coalition, said: "We are very disappointed that the Task Force missed the opportunity handed to them by President Obama's mandate to truly lead by example and ensure that all federal agencies do the right thing and not export obsolete used electronic equipment unless it is fully functional."

“This report shows why we need Congress to pass the Responsible Electronics Recycling Act, now under consideration in both the Senate and Congress, to truly address this issue," noted Jim Puckett, executive director of BAN, which oversees the e-Stewards Certification program.

Increasing Safe and Effective Management and Handling

Launch voluntary partnerships with the electronics industry
Provide guidance to electronics recycling employers on providing facilities that offer safe and healthy working environments
Establish approaches to gather, track, and provide public access to information on quantities and movement of used electronics within the U.S.

Reducing Harm from Exports and Improving Safe Handling

Improve information on trade flows and handling of used electronics, and share data with Federal and international agencies, within the limits of existing legal authorities
Provide technical assistance and establish partnerships with developing countries to better manage used electronics
Work with exporters to explore how to incentivize and promote the safe handling of remanufactured, recycled, and used electronics at home and abroad
Propose regulatory changes to improve compliance with the existing regulation that governs the export of cathode ray tubes from used computer monitors and televisions that are destined for reuse and recycling
Support ratification of the Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and their Disposal

Building Incentives for Greener Design and Enhanced Technology Development

Establish multi-stakeholder groups to address key research questions and design challenges, and accelerate development of and investment in green electronics design standards
Promote consumer purchasing of green electronics that are certified as meeting stringent environmental performance criteria that address environmental impacts across the entire lifecycle of the products
Promote scientific research and technological developments that improve our ability to recover and market valuable materials from used electronics, especially precious metals and rare earth elements
Launch electronics stewardship prize competitions to stimulate innovations in green product design, recycling solutions, and other phases of the electronics lifecycle
Ensure expansion of quality green electronics certification programs, including EPEAT

Ensuring U.S. Government Leads by Example

Establish a comprehensive and transparent government-wide policy on used Federal electronics that maximizes reuse, clears data and information stored on used equipment, and ensures that all Federal electronics are processed by certified recyclers
Encourage electronics manufacturers to expand their product take-back programs, and use certified recyclers as a minimum standard in those programs, by expanding the use of manufacturer take-back agreements in Federal electronics purchase, rental and service contracts
Require and enable recipients of former Federal equipment that has been sold, transferred, or donated for reuse to use certified recyclers and follow other environmentally sound practices to the greatest extent possible
Improve tracking of used Federal electronics throughout the lifecycle and post comprehensive data sets on Data.gov and other publicly accessible websites
More effectively direct U.S. government spending on electronics toward green products through procurement changes
Expand the use of the intergovernmental cooperative agreements between the U.S. Postal Service and other federal agencies to make it more convenient, efficient, and cost effective for government agencies with remote offices to directly ship used electronics to original equipment manufacturers, certified recyclers, or entities that will reuse the equipment
Identify, characterize, and document markets, as well as market and financial assistance opportunities, associated with managing and recycling used electronics

Data Security Breaches Continue Off-Network and On

Bart Porter — Fri, 24 Jun 2011 03:47:27 -0700

The Ponemon Institute this week released another new survey, this one concluding that 90% of U.S. organizations have sustained at least one data breach in the past year. IT security breaches most often occurred at off-site locations housing mobile workers, partners or other third-parties, the survey found. Last week, another new Ponemon survey revealed that lost or stolen IT equipment is the primary cause for data loss within business organizations. While online hacks are getting a great deal of attention due to some high-profile security breaches, off-network data breaches remain a significant problem for business enterprises.

In covering this week’s Ponemon survey, eWeek Europe explained that “businesses of all sizes are feeling a growing lack of confidence about their ability to prevent attacks on their networks, as the frequency and cost of security breaches continues to rise.” The explosion of mobile devices has contributed significantly to businesses’ sense of insecurity, the article continues, with laptops and other mobile equipment viewed as the most likely points from which attacks are launched against a company, the study found.

Employee laptop computers were the source of 34% of data breaches, while employee mobile devices were the source of 29% of breach incidents, Ponemon noted. Most organizations, however, didn’t know the source of all of their security breaches, with only 11% admitting that they knew where all of their security incidents had originated.

Are Cyber-Attacks Truly Increasing?

At the same time, PC World ran an article his week that quoted security experts as saying despite an uptick in reported cyber-attacks, network break-ins and data breaches, the volume of hacking is not rising. “What has changed is that hacker groups such as Anonymous and LulzSec have gotten media savvy creating an illusion of an escalating cyberwar that in reality does not exist,” the article notes.

Large-scale cyber-attacks garner a lot of media and public attention, and can alter the focus away from off-network data breaches that occur with more frequency, but with relatively smaller, less-publicized numbers. Meanwhile, incidents such as that involving a stolen laptop reported this week by an Ohio agency that helps the elderly, resulting in the loss of medical information on 78,000 people; and the theft of 19 computers from a California healthcare provider, compromising personal and medical records of 15,700 patients, are equally newsworthy.

How do you personally feel about the recent wave of cyber-attacks? Do your data protection strategies focus as much off-network as on network security?

Global Data Security Conspiracy: Are Extraterrestrial Aliens Plotting to Steal Our Laptops?

Bart Porter — Thu, 16 Jun 2011 17:52:12 -0700

I suspect that I know the real reason there have been so many off-network data security breaches during the past several years. It’s definitely part of a conspiracy perpetrated by the same extraterrestrial aliens who have been taunting us with UFO flyovers for decades.

This may sound a bit far-fetched, but most conspiracy theories are so perceived, especially when they are introduced. How else can one explain so many high-profile information security breaches involving stolen laptops, lost hard drives and missing flash drives impacting so many millions of people? With all of the privacy breach incidents that have been in the news, resulting in tarnished business reputations, regulatory penalties and enormous financial liabilities to repair the damage, certainly something more than human must be behind this crisis.

Sure, Bart, you may say. Blame the poor extraterrestrials who travel millions of miles through space in those spinning flying saucers. They don’t have enough problems trying to compensate for dizziness and motion sickness. They come all this way just to steal laptops on Earth, like they don’t have anything better to do.

But let’s look at some proof. There have been a growing number of data breaches in recent years around the world as many business enterprises, from large mega corporations to small mom-and-pop establishments, learn harsh lessons from lost or stolen data on portable devices. A new Ponemon Institute survey confirmed that lost or stolen IT equipment is the primary cause for data loss within business organizations. The report also found that 77% of organizations surveyed said they experienced data loss in the past year and customer information was cited by 52% of respondents as the most common type of information compromised, followed by employee information and corporate plans. Just the kind of data these aliens can use!

The increase in data breach activity coincides with what may be an uptick of UFO sightings. Simply tap into any convenient search engine and you’ll find countless references to unidentified flying objects and numerous strange sightings that take place around the world. Trust me, you don’t get that kind of result if you type in keywords such as “bigfoot sightings” or “giant galactic invaders,” like I often do.

And what about the onslaught of new alien attacks depicted in popular culture? Whether it’s a movie like the upcoming Harrison Ford/Daniel Craig science fiction film, Cowboys and Aliens, or contemporary television programming, such as the new TNT series Falling Skies, exposing villainous interplanetary invaders who attack and occupy the Earth, you’ve got to admit there are a lot of extraterrestrials buzzing around, trying to find ways to disrupt human activity. What better way than to steal our stuff?

All of these developments would seem to point to the validity of the warning from another movie from another era of high UFO activity, The Thing from Another World, which spread a message of “Keep watching the skies” across drive-in movie theater screens throughout the spring and summer of 1951. That message continues to ring true 60 years later, especially among those of us who postulate that a giant carrot in a flying saucer could attempt to conquer the earth, as did The Thing in the movie.

More proof may have surfaced recently when the Australian Department of Defence responded to a freedom of information request from the Sydney Morning Herald for any documents that contained data on sightings of UFOs or “extraterrestrial organisms” in Australia. The Defence Department replied that after two months of searching, it was unable to find records relating to UFO sightings that were collected during several decades. The lone exception was a file detailing a sketchy series of sightings from around the country and overseas, including people living in towns in the outback.

Not content with this “the dog ate my homework”-type of response, conspiracy theorists around the globe are asking, nay, demanding “What happened to those files?” I’m guessing the aliens took them, just like they possibly took a laptop computer containing 8.63 million patient records that was reported stolen from a London division of the National Health Service in the UK just this week.

Extraterrestrials might also be responsible for reports last week that the U.S. Department of Health and Human Services' Office for Civil Rights, which tracks data security breaches in the healthcare sector, has received 32,000 incident reports that involved fewer than 500 records. These so-called “little breaches” join 281 larger reported incidents that were recorded between September 2009 and May 2011, involving nearly 11 million compromised records.

In fact, as conspiracy theories go, aliens from a distant planet might have wound up with every lost and stolen computer for the past 10 years, whether it was left in a train, lost at an airport or reported stolen from a car, as these locations are frequently cited as places where data-bearing devices simply disappear. All of these instances can’t simply be chalked up to human carelessness. Things from another world must be responsible!

The only alternative to this conspiracy theory is that human beings are too irresponsible to implement proper safely protocols when it comes to securing portable devices that carry valuable data. I hope that’s not the case. The last thing humanity needs is to display to otherworldly pilferers a lack of understanding of the valuable data we hold dear.

It’s up to every one of us to find a way to combat this potential planet-wide conspiracy by choosing better data protection. Forget about “watching the skies.” Keep an eye on that laptop you’re carrying. Because once it’s gone, so is your data.