General Services Administration officials have changed their acquisition regulation to strengthen security requirements for contracts through which they buy IT services and supplies and IT systems.

Under the new final rule, companies have to submit to GSA an IT security plan so GSA can verify the company is keeping the agency’s data and systems from unauthorized use.

The rule sets a 30-day deadline for submitting the plans that describe how the company will properly secure information. It also requires contractors submit written proof of IT security authorization six months after award, and they have to verify that the IT security plan remains valid annually…

Read full article

Today, we are more interconnected than ever before – in an instant, we can communicate with a friend on the other side of the world, shop online, and research any topic. These global networks are critical to our economy, allowing us to communicate, travel, and power our homes.

But this increased interconnectivity also presents an increased risk of theft, fraud, and abuse to which no country, industry, community, or individual is immune.

DHS is committed to ensuring that cyberspace is safe and secure, enables innovation and prosperity, and protects privacy and civil liberties. Together with public and private sector partners, we are working to build a safe, secure cyberspace where the American way of life can thrive.

To that end, DHS’s cybersecurity mission is two-fold: first, we work with the private sector, states, and municipalities to support the cybersecurity efforts of critical infrastructure owners and operators. Second, we are responsible for securing networks for federal civilian departments and agencies – the .gov domain.

President Obama has proposed legislation that would give us the tools to execute our cybersecurity mission more effectively…

Read the full article

Read the full story

On Tuesday, February 7, 2012, the PC Recycler team attended the Northern Virginia Technology Council (NVTC)’s U.S. Critical Infrastructure Under Cyber Attack – Cybersecurity and Privacy Event.The panel brought together industry thought leaders to highlight the potential economic and homeland security impact these threats possess and the steps that need to be taken to minimize our vulnerabilities.

Among these panelists were Jim Woolsey, Former Director of CIA, Lyn McDermid, SVP and CIO of Dominion Virginia Power, and Dr. John Saunders, Director at National Defense University, and each offered differing positions on the topic.

Jim Woolsey recounted the experimental cyber attack launched by the Department of Homeland Security in 2007 that led to the self-destruction of a generator machine. Woolsey  revealed that this same type of hack could take out massive generators responsible for providing power to the entire country. He noted that the fragmented utility industry (3,500 providers nationwide) makes it difficult to implemental universal protection standards and collaboration with the defense industry. It’s vulnerabilities and threats like these that Woolsey argues demand Congressional and Statutory commitment.

Dr. Saunders commented that budgets and allocations from the government are lacking focus on cybersecurity. He noted that after 9/11 one water utility company received $200 million from Congress to invest in security… and they purchased fences. This alone is a great example of critical infrastructure industry leaders’ lack of awareness regarding potential threats. Without a kickstart in funding and support, the U.S. could find itself caught off guard by a major cyber type catastrophe.

Lyn McDermid, CIO of Dominion Virginia Power, had a more optimistic view of the industry’s readiness and collaboration with government agencies. She detailed how her company is focusing on reliability of security vendors and their products. Currently, Dominion Virginia Power has 30 networks separate from the public internet, over 400 firewalls, and is continually investing resources in improving security of control devices. Combatting internal threats is also a major focus of the company’s cyber security plan. Frequent employee background checks, scanning and monitoring of devices and other measures are taken in order to protect systems from rogue employees and vendors.

Despite these measures being taken by private utilities, both Saunders and Woolsey aren’t convinced that the U.S. is prepared to deal with a debilitating, nationwide cyber-attack on critical infrastructure. Currently, there is no effective training structure in place that can simulate, train, and protect against an ever-evolving enemy.

In conclusion, decisions and strides demand urgency in order to determine how the private and public sectors can best protect the critical infrastructure of the United States – essential to our security, public health and safety, economic vitality and way of life. The panel concluded that one successful malignant hacker on the power grid could significantly damage our economy.

Just think– What would we do without electricity for four months or maybe up to a year?

NIST Special Publication 800-88 outlines the types of data sanitization decisions your organization should be making, from types of media to destroy to roles and responsibilities of company officers. What they do not mention is how to choose a responsible vendor to carry out the task, but we have done the thinking for you.

Data security is something we take very seriously, and we truly believe all data destruction vendors should meet certain requirements to keep your data safe. We have compiled a checklist of items your company should consider when you are thinking of data destruction.

Question 1:  What is data center efficiency? Is there a single definition that people can use, or is it a flexible term whose definition is governed more by organization-specific needs?

It’s a very flexible term, and at the moment it probably means more in the commercial space than in the government marketplace.

It originally started out several years ago as a way to describe the efficient use of power and cooling, and there was a lot of talk about going green and paying attention to how much energy was consumed. Then virtualization took hold and all of a sudden there were assessments around the utilization rates of IT assets, particularly those of servers in the data center. And, today, it’s been expanded even further to also cover such things as storage and networks.

The problem in government is that there’s no one person who owns the budget for all of the components involved in data center efficiency. In large commercial concerns you can find one person responsible for the spend on facilities, cooling, power, IT assets and so on, and it’s therefore relatively easy to implement change. In government, the responsibility is very diversified. The CIO may own the IT assets, for example, but not the facilities or the cooling and power.

In government, the challenge comes with bringing all of this together at the highest level.

Get the full report

When Jeremy Farber launched his company 10 years ago under the name Miami Computers, the moniker was a bit of a misnomer. After all, its headquarters was actually in upstate New York.

Today, the Chantilly-based firm is called PC Recycler but even that name isn’t a perfect fit. Farber’s company doesn’t just discard old electronics, it first wipes their data and shreds them into confetti.

“A couple of our big customers early on were big government contractors and they loved us, but they were really interested in information security,” Farber said. “It was a very big priority to them, more so than the environmental aspect of it.”

Read full article

Network World —IT budgets and responsibilities are moving out of the control of IT departments and into the hands of others, thanks to trends such as consumerization and cloud computing, Gartner says in its vision for 2012 and the coming years.

That means, to be successful, IT organizations will have to excel at relationship management and be adept at coordinating more widely distributed activities, according to Daryl Plummer, managing vice president and Gartner fellow.

“As users take more control of the devices they will use, business managers are taking more control of the budgets IT organizations have watched shift over the last few years,” Plummer said in a statement. “The IT organization of the future must coordinate those who have the money, those who deliver the services, those who secure the data, and those consumers who demand to set their own pace for use of IT.”

IT departments need to adapt now or be swept aside, Plummer warned.

Read the full article

We would like to take this opportunity to thank you for your continued interest in PC Recycler. In 2011, we made aggressive investments in state-of-the-art technology to aid in the secure destruction of all end-of-life data, and we’ve kept our promise of “zero landfill, zero export” treatment for obsolete electronic devices.

We made significant strides in providing our clients with a specialized, high-volume on-site shredding and degaussing service that has the ability to shred up to 2,000 devices per hour. Our goal has always been to provide you with a secure and reliable service and become a true partner in protecting and defending the integrity of your organization’s data storage devices.

We continuously value and appreciate customer feedback as your thoughts have impacted the way we improve our customer service and our service delivery overall. Looking into 2012, our Certified Secure Destruction Specialists are eager to work with you to determine your data destruction risks and needs. We are excited to help you develop corporate data handling policies and procedures and look forward to keeping you up-to-date with the latest and most efficient data destruction options.

As we head into the New Year, we’re excited to let you know that we have plans to:

• Receive our NAID Plant-based Certification for our facility;
• Increase our capacity to serve you better with the addition of a new service truck to our fleet;
• Increase our Operations Staff to continue to serve you in a timely manner;
• Develop an online Customer Portal, which will provide on-demand, easy access to completed job records, past inventories, past certificates of recycling and destruction, and past invoices for customers to download and use for audit reports;
• Continue to host our monthly community event and attend industry shows; and
• With our monthly e-Newletter, PCR Pulse, to keep you on the pulse of the latest in data handling, data security, electronics recycling, and risk avoidance information.

PC Recycler was very fortunate to have a tremendous 2011. The growth and achievements we have experienced can be atributed to the loyal customers we have. In 2012, PC Recycler is committed to ensuring that all customers’ electronic assets are handled and destroyed securely so that your sensitive data is not on your mind. We hope that our work will enable you to concentrate your time and efforts on your mission and experience continued success in the New Year!

Best Wishes in 2012 from all of us at PC Recycler!

With tremendous help from Sue Collins, Employment and Transition Representative at Chantilly High School, and special education teachers at Chantilly High School, PC Recycler offers technical and career-based training to students with learning disabilities. This award-winning program gives students hands-on experience that encourages development of job skills while learning about the business as a whole.

Andrew Portare, Operations Manager for PC Recycler, meets with some of the students twice a week to cover topics like business etiquette, “how to get hired”, and work ethics. The students also partake in activities ranging from breaking down computers, separating parts, and sorting and cutting wires, to participating in safety, security, and corporate development training. Problem-solving skills are refined by challenging the group to complete designated tasks, like removing specific parts from a computer. In addition, students have gained an in-depth understanding of the electronics recycling industry and the required elements to ensure a business operates smoothly.

We are excited to continue the development of this program to incorporate the interests of the students in a way that cultivates “real-world” experience. Sue Collins and the dedicated team of teachers at Chantilly High have helped us make this program a viable learning opportunity for the youth of our community.