Electronic Equipment Recycling and Reuse Act Requires Vendors to Educate Customers on Data Security
Recently, the Electronic Equipment Recycling and Reuse Act came into force in New York State.
(prHWY.com) April 8, 2011 - Albuquerque, NM -- Albuquerque, NM, United States - The last decade has witnessed shift towards digitization and storage of data in electronic formats. E-records facilitate easier maintenance and faster retrieval of records. At the same, threats are inherent in the IT environment and they pose risk to information security, integrity and confidentiality. While individuals store loads of sensitive personal information on computers, e-databases in organizations include sensitive information related to business as well as customers. Data stored in the hard drives are recoverable and could be extracted. As such, adequate precautions must be taken before disposal of computer systems and electronic devices.
Recently, the Electronic Equipment Recycling and Reuse Act came into force in New York State. The Act provides for environmentally responsible recycling of electronic waste. The electronic devices covered under the Act include computers, computer peripherals, small scale servers, televisions, cathode ray tubes and small electronic devices. One of the provisions of the Act requires manufacturers to run a public education program to disseminate information on their electronic waste acceptance program. Manufacturers of computers, hard drives and other electronic devices that have internal memory for storage of confidential data are required to provide information on their websites on ways to degauss data before their surrender for recycling and reuse. Manufacturers may also provide premium data security services to customers.
People with malicious intentions may extract data stored in hard drives and sell sensitive information in the crime market, conduct unauthorized transactions, indulge in identity theft and commit other forms of fraud. Last year, a United States (U.S) based media organization extracted over 300 pages of medical records from the used copier of an insurance company. The company was also successful in extracting 95 pages from the used copier of a construction company, which included names, addresses, copies of paid checks, social security numbers and building designs.Recently, auditors revealed severe lapses in data security practices in the state of New Jersey. Therefore, regulatory authorities must ensure proper implementation of the regulations through periodic audits and imposing penalties on erring bodies and organizations. Hiring professionals qualified in IT masters degree
may help in identifying and mitigating lapses in IT security.
IT policy of organizations must provide for procedures to degauss data from hard drives before their sale or disposal. IT professionals could be encouraged to undertake online technology degree courses to update themselves on latest regulations, data protection mechanisms and monitoring mechanisms.
Information security is crucial for maintaining trust of customers, suppliers, employees and other stakeholders of an organization. Organizations must focus on regular training of employees through refresher courses, seminars and e-learning programs to create cyber security awareness and evolve information security conscious culture. Some organizations have compulsory e-learning programs in place to educate employees on different types of IT threats, incident management, disaster recovery and business continuity mechanisms.
Recurrent and multitude threats in the IT environment have resulted in increased demand for computer science degree
holders, penetration testers, secured programmers and computer forensics experts. Educational institutions must collaborate with government bodies and industry to introduce and update courses on IT security on a regular basis in accordance with changing security scenario.
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.