The Federal Trade Commission reported last year that over 9 million Americans fell victim to identity theft, while losses to businesses and financial institutions totalled $48 billion. Consumers lost $4 billion in out-of-pocket expenses.
The Problem
In January 2003, some researchers at MIT bought 158 used, random disk drives from an online store and found that 60% of them had data still in tact. Additionally, these same researchers found 5,000 credit card numbers on these disks.
When you decommission a system, you have to do something about the data on that system. It's not a good idea to just power down an old system and give it away, or sell it on eBay. You need to ensure that all sensitive data cannot be accessed.
It is rare for organizations and companies not to have sensitive information on their hard disks. The Hard Disk Crusher can help you ensure that the following types of information remains private:
Bank account numbers
Biometric information
Classified information
Copyrighted material
Corporate financial records
Credit card numbers
Department of Defense secrets
DNA records
Driver's license numbers
Encryption keys
Firewall configuration files
Information security documents
Investment account information
Medical records
Law enforcement records
Legal cases and records
Login and password information
National security information
Passport numbers
Patents
Personal email
Pharmaceutical formulas
Political campaign secrets
Pornography
Proprietary information
Retirement account information
Router ACLs
Security configuration files
Sensitive customer information
Social Security numbers
Standardized test scores
Stock trades
Strategic business plans
Tax records
Trade secrets
Proper decommissioning of corporate data can help your company avoid lawsuits and decrease its liabilities. In order to comply with various U.S. information security laws and regulations, all data requires proper decommissioning. The Hard Disk Crusher can help you comply with the following laws and regulations:
Children's Online Privacy Protection Act of 1988 (COPPA)
OMB Circular A-130, Management of Federal Information Resources
OMB Memorandum 01-05
OMB Memorandum 00-13
OMB Memorandum 99-05
OMB Memorandum 99-18
OMB Memorandum 03-22
Sarbanes-Oxley
Section 5 of the Federal Trade Commission Act
Section 208 of the E-Government Act of 2002
The Fair and Accurate Credit Transaction Act (FACTA)
The Federal Information Security Act of 2002 (FISMA)
The Gramm-Leach-Bliley Act
The Health Information Portability and Accountability Act (HIPAA)
The Privacy Act
Public Law 100-503, Computer Matching and Privacy Act of 1988
5 U.S.C. § 552, Freedom of Information Act (FOIA) of 1966, as Amended by Public Law No. 104-231, 110 Stat. 3048
Non-compliance of these laws could lead to anything from job loss and career limitations to expensive financial penalties. If you're a Chief Information Officer, or a Chief Information Security Officer, you won't want to take the risk.
