Identity Theft: How Major Corporations May be Exposing Your Private Records without Knowing It -- Steps Companies and Individuals Can Take to Prevent Identity Theft and Protect Consumer Privacy QSGI Provides Unique Safeguards for Corporations and Consumers
Have you ever thought about identity theft in relation to what happens to your bank's computers and all your personal data stored on them when it's time for the bank to retire this equipment and upgrade its technology? What about your stock brokerage firm, medical center, and the many other entities that possess highly confidential information? You may be surprised to learn that most corporations are lax, even negligent in their methods of disposal of retired equipment either due to ignorance, conscious indifference towards privacy concerns or lack of knowledge about effective alternatives to accomplish the task. In response to mounting cases of identity theft and data security breaches, recent legislation and class action lawsuits are beginning to hold these companies accountable.
NEW YORK (PRWEB) June 7, 2007
While attention has been given to security issues as they pertain to technology in operation at various entities (such as corporate firewalls and virus protection), the way in which obsolete IT technology is handled during the end-of-life phase has been largely ignored although it is often more crucial for protecting the privacy of confidential information, as well as preventing identity theft. It is now mandated by law that data on hard drives be disposed of in a secure manner and should be erased according to Department of Defense standards to ensure that the information can never be restored from the hard drive.
Over the past few years a number of regulatory mandates were put into place to address the issue of identity theft and data privacy, such as the Gramm Leach Bliley Act of 2003, which requires financial institutions to take steps to ensure the security and confidentiality of customer records such as names, addresses, phone numbers, bank and credit card account numbers, income and credit histories and social security numbers. The Health Insurance Portability & Accounting Act of 1996 was updated in April of 2005. This legislation addresses the security and privacy of health data. Other examples of legislation that has been put in place in recent years include the FTC FACT Act, which provides help for identity theft victims, and Sarbanes-Oxley for the protection of investors.
When asked about the potential ramifications of the recent legislation, Alan Burger, a partner with the law firm McDonald Hopkins, commented, "The impact of the recent regulatory and legislative mandates have raised awareness of the need for proper data destruction, but have been slow in helping eliminate the problem of identity theft and other security breaches. Similar to seat belt laws, where it took affirmative action and fines before drivers began buckling up, now that fines are being levied against corporations, they are now beginning to implement end-of-life data security policies and procedures. In addition, companies are being compelled to action, following a wave of lawsuits, with companies like TJ Maxx facing hundreds of millions if not billions of dollars in potential liability."
In situations where the privacy of data has been compromised, companies have been subjected to litigation and class action lawsuits from customers, and employees whose personal information was lost, stolen, or compromised. In recent months, there have been a number of high profile lawsuits involving highly publicized data breaches including retailer TJ Maxx, Long Island Railroad, Columbia Bank and the American Federation of Government Employees.
Many companies claim to offer data erasure for end-of-life IT equipment, but few, if any, offer a fully automated process and erasure to Department of Defense standards. Joe Giamichael, a sell-side analyst at Rodman & Renshaw, commented, "QSGI is one company that realized a number of years ago that there was a growing need to put safeguards in place to protect confidential information stored on computers and they have built a growing business around this premise, servicing Fortune 500 companies concerned with their potential liability. QSGI utilizes a fully automated process that eliminates the possibility of human error. As a result, QSGI is the only data security provider that will fully indemnify its clients from liability, if they follow QSGI's "best practice" solutions for end-of-life IT equipment."
Commenting on new trends within the industry, Marc Sherman, chief executive officer of QSGI, Inc. (OTCBB: QSGI), stated, "The threat of identity theft and the potential for corporate liability have become so critical that many of our customers have become reluctant to ship their end of life computers and servers off site to have the hard drives erased prior to disposal or resale. QSGI now offers our clients an entire suite of onsite options including our Mobile IT Audit & Erasure Facility, contained within a tractor trailer, and our portable "suitcase" solution, each of which allows us to bring our technology on-site at our client locations and conduct all end of life data security & regulatory compliance functions on their premises, thereby eliminating the risk of lost or stolen equipment while in transit."
QSGI's Mobile IT Audit & Erasure Facility is the industry's only fully functioning, self contained, IT asset management facility, operating within a tractor trailer, that can travel directly to a loading bay at the clients' premises and process up to 1,000 hard drives per day, with real-time reporting and complete asset tracking.
While QSGI focuses on the corporate market in its quest to protect the privacy of consumers, GTSI Corp, a government enterprise solutions and services provider, provides these services to Federal, state and local government agencies as part of its unique Technology Lifecycle Management (TLM) process. Jack Woelfel, GTSI's Director of Integration and Asset Management says, "Our government customers are acutely aware of the issues associated with property and data loss and associated security breaches, especially when it can affect national security. Through our Technology Lifecycle Management model, we provide a sophisticated Asset Management Tracking System, as well as erasure and disposal services when an agency's IT assets reach their useful end. Proper asset disposal is the last stage of our popular six-phase TLM model."
Responsibility for one's data privacy does not end with safeguards implemented by commercial organizations and the government. Consumers also dispose of their old computers before upgrading their systems, which poses an enormous threat to privacy. Simply formatting one's hard drive is not sufficient, as criminals can easily recover this data with "off-the-shelf" software. QSGI offers a solution to this problem by enabling consumers to obtain a single-use license for its Department of Defense compliant erasure process at a cost of just $23.95. The service can be accessed through eraseyourharddrive. com and can be done easily over the Internet without the need for an external floppy/CD/DVD drive. Once a consumer runs the software, information that was once stored on the hard drive can never be recovered or reassembled.
In the current electronic age, the need for end-of-life data security has reached monumental proportions. Neither businesses nor individuals can afford to ignore utilizing the safeguards necessary to protect their privacy. Fortunately, highly effective remedies, such as those offered by QSGI, exist to make it easy for corporate America, the government and individuals to take the necessary action and win the war on identity theft. However, unless the weapons are used, the war will never be won.
By Klea Theoharis, Crescendo Communications
Tel: 212-671-1022
Klea Theoharis is freelance writer and managing director at Crescendo Communications. Klea's career on Wall Street has spanned over 25-years, having founded KLEA Associates and holding a variety of positions at Nasdaq, Wertheim Schroder and Mitchell Hutchins Asset Management. Klea is a graduate of Marymount Manhattan College with a degree in business management. She also attended the New York Institute of Finance where she studied security analysis and portfolio management. Klea has held Series 7, 63 and 65 brokerage licenses. She is also a member of the National Investor Relations Institute and New York Women in Communications.
Optimized by Newsforce