ITAD
There is a new opportunity for data protection service providers to increase their value to current and prospective clients, and it stems from the overwhelming number of corporations now publicly committing to global data protection and privacy compliance. To learn more about who is and why they are, see the related blog titled “Why Large…
Read MoreThe number of high-profile corporations committing to a global approach to data protection and privacy compliance is staggering. It might be easier to find one that isn’t. A partial list includes Airbnb, Adobe, Amazon, American Express, Apple, AT&T, Boeing, Chevron, Citibank, Cisco, Coca-Cola, Dell Technologies, Dropbox, eBay, ExxonMobil, Ford, General Motors, Goldman Sachs, Alphabet, HP…
Read MoreYesterday’s SEC release alleging that software developer SolarWinds Corp. and its Chief Information Security Officer (CISO) T. Brown misled investors about known cybersecurity risks and vulnerabilities is yet another in a series of Commission actions regarding cybersecurity that should be setting off alarms for CISOs, CIOs, and the boards at all publicly traded companies and…
Read MoreSegregation of Duties (SODs), a.k.a. Separation of Duties, is the basic fiduciary mechanism that prevents an individual or department from having full custody of process integrity where there is an inherent conflict of interest or an opportunity for fraud. As the name denotes, to mitigate these potential problems, the duties related to those processes are…
Read MoreA series of recent Security and Exchange Commission (SEC) announcements point to the increasing risk of whistleblowers stemming from improper IT asset disposal (ITAD) practices. First, over the past year, the SEC has issued a number of statements and proposals indicating its intentions to hold organizations (and boards) under its jurisdiction accountable for cybersecurity. At…
Read MoreA March 15 proposal by the Security and Exchange Commission (SEC) to amend the Gramm-Leach-Bliley Act Safeguard’s Rule will require financial institutions and their data processors (i.e., secure shredders, ITADs, managed service providers, etc.) to seriously rethink and retool their data protection contracts, recordkeeping, and policies and procedures. Here’s What it Looks Like The proposal…
Read MoreThe Oxford dictionary defines Cybersecurity as “the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.” Hard to argue with that; it’s succinct, clear, and broad. So, with that definition in mind, it would be hard to argue that restricting access to the hardware…
Read More