How Does NAID AAA Certification Intersect With NIST 800-88? (Part 2)
This is the second blog of a two-part series. The first installment provided a perspective on the relative differences in NAID AAA Certification and NIST 800-88 and its overlap with physical media destruction requirements. This installment, addresses the implications of the same on electronic media erasure. Though reading Part 1 of this series is not […]
Read more »How Does NAID AAA Certification Intersect With NIST 800-88? (Part 1)
This blog will be presented in two-parts. In this first installment, I will provide a perspective on the relative differences in NAID AAA Certification and NIST 800-88 and its overlap with physical media destruction requirements. In the next installment, I will do the same on the implications for electronic media erasure. I assume most readers […]
Read more »What to do When Clients Misapply Specifications
It’s happened to many data destruction service providers and to those it hasn’t happened yet, it will at some point. It looks like this: You have been destroying media for a client for many years, when they ask whether you comply to a certain specification or standard. (Usually someone else in the firm is bringing […]
Read more »See Something, Say Something
Most readers will immediately associate the title of this blog with the U.S. Homeland Security campaign to enlist the public in their efforts to expose potential risks. The logic, of course, is obvious; people who are out and about in their local communities and neighborhoods are the most likely to recognize bad actors and bad […]
Read more »A Great Time to Improve
For all the bad things about the pandemic shutdown, one thing is certain; it has forced you to reduce your operations down to the basics. You had no choice but to become as streamlined and efficient as possible. Regardless if you want a life-style business that goes on for decades, or you are creating a […]
Read more »The Morgan Stanley Breach Notification: Lessons for Every Electronics Recycling Customer
First, I would like to commend Morgan Stanley. They somehow learned IT assets disposed of four years ago may not have been properly wiped by the vendor they hired to do so at that time. That is not commendable. They should have been more careful. What is commendable, however, is the fact that upon learning […]
Read more »Data Protection Likely to Emerge with a New Relevance
Things are tough. It perfectly understandable that you, your staff, and your customers are unsettled. It’s going to be that way for a while. As it stands, there’s no shortage of experts talking about the business trends that are going to continue afterward, such as the growth of remote working and the reduction of business […]
Read more »PRISM Privacy+ Certification: Time to Join the Club!
In March, i-SIGMA announced changes to PRISM Privacy+ Certification making it not only more affordable but also a much stronger sales tool. March is also when COVID-19 made its international debut. You had bigger fish to fry. More Affordable 1) Already PRISM Privacy+ Certified? RIM service providers can now renew Privacy+ Certification without the high […]
Read more »Privacy+ Certification: Should I, or Shouldn’t I?
By: Tom Dumez, CHP, CSCS With my many years of involvement with PRISM and so many relationships that have been formed over the years, I am asked by PRISM members often if they should either pursue or renew their PRISM Privacy+ Certification. The question is always the same: “Should I, or shouldn’t I? What is […]
Read more »“Prepare for” an Audit or “We are Ready” for an Audit – Big Difference!
Early Monday morning an email from the Compliance Officer (CO) of a large client organization has been received by the Operations Manager (OM). Not the ideal way to start the week. Planning to visit the record and data center on Wednesday, he requests the OM suggest a convenient time. There is no “rule” that a […]
Read more »