Information security, recycling and irony
Christopher Chisholm
christopher.chisholm at syamsoftware.com
Thu Feb 2 09:51:02 EST 2006
That's a pretty funny story, but on the other hand, that reallllly sucks
for those invovled.
Do you know if rather than reusing documents like that for internal use,
do companies like Absolute Data Destruction (based in Goffstown) offer
srecycling services? Personally I think it's insane the amount of paper
that gets wasted. I used to work at the help desk when I was at school
at Daniel Webster College, and I'd say about 40-60% of all paper used
for printing from the computer labs was wasted. This number may not be
as high at a lot of companies, but I image paper waste is relatively
high no matter where you go.
-chris
Jeff Kinz wrote:
>I just experienced an interesting incident involving information
>security practices.
>
>At a client's organization I recently, and very gently, urged a DBA to
>stop their practice of recycling the printouts from test runs of certain
>reports.
>
>These test runs were huge so it's understandable that they didn't want to
>just throw away all the paper. But these reports contained ALL the
>confidential information about their clients.
>
>Everything: Family info, age, birth date, addresses, SSN, phone #'s,
>emails, all contact phone #s and more.
>
>Their response was simply that the recycled paper was only being used
>internally so they were not risking their client's privacy.
>
>On Sunday, the Boston Globe, indulging in the same practice, released
>the private customer information, including credit card information, of
>240,000 of their customers by using recycled internal reports for
>wrapping paper (topper) on delivered bundles of newspaper.
>
>Apparently I was right about this being a risky practice: :-)
>
>Irony==> My info was among that released.
>
>I have closed the account, had a new card issued, notified several
>auto-pay relationships and made a trip to the bank to get cash for my
>wife to use on a trip this coming weekend. Final step is to put a
>fraud alert on my record with all three major credit reporting
>agencies.
>
>(yes, we do have other cards we can use but our money plan calls for
>those accounts to be used only in case of real emergencies, and by
>definition if something can be avoided, its not an emergency.. :) )
>
>If you are concerned that your info may have been released as well
>you can check by going here:
>http://www.bostonglobe.com/cclookup
>
>On that page you enter your phone # and zip, and the system will tell
>you if your info was released.
>
>That page appears to be the only thing the Globe has done right.
>
>
><insert muttered imprecations at the Globe of your choice here>
>
>
>The Lesson:
>
>Its clear that one never "really" knows how recycled materials are going
>to be used so confidential materials must always be destroyed rather
>than recycled. (duh)
>
>
>
>
More information about the gnhlug-discuss
mailing list