AG Technology

Vector-AG Technology Limited

CCPA fines in 2020 set to exceed $200 million as data laws tighten

California’s new CCPA law is predicted to make a significant impact on companies and how they handle people’s personal information. 

Following GDPR in 2018, CCPA will bring businesses in California more in line with European standards of data protection for the first time, providing the state with new powers to impose fines on businesses that fail to adopt the new data law into their architecture. 

Businesses that are especially at risk include suppliers of hosting and cloud services as well as organizations that hold medical records. With personal information such as patient data, addresses, phone numbers and other sensitive details stored in datacenters and servers across California, businesses have to step up their data protection procedures to make sure that security remains a top priority to minimize the potential fallout from a data breach which could easily arise from misconfigurations. 

With increasing demand for cloud computing, companies also have to update systems and remove faulty hardware and failed hard drives more frequently. Businesses of all sizes are also frequently disposing of old hard drives, and sometimes selling these older components online. During this process, businesses remain vulnerable as removing damaged hard drives doesn’t prevent information from being recovered at a later stage. Data recovery can take place long after a hard drive has been disposed of, even if it has a defect and new software can’t be installed on the disk itself. 

In a recent study, it was discovered that old hard drives sold on eBay still contained personal information and corporate data that hadn’t been erased. Email messages, archived internal employee data and shipping manifests were also found on SSD hard drives and this information could be recovered easily. 

In order for data to be completely removed, software alone cannot fully erase a hard drive. It is simply written over with a new layer leaving the previous set of data and all the files left on the disk. For businesses and organizations, data removal is essential especially when their old hard drives are being removed and either sold or recycled. At this stage of removal, there is still a significant risk that data can be re-discovered, and even harvested by others.

For a hard drive to be erased, a degausser can be used to magnetically wipe a disk clean. This guarantees that all the data, and even the previous versions of operating systems get removed. There are different types of degaussers that can be used depending on how many drives a business needs to process before they are recycled.

New York data laws set for sweeping change as stricter standards are implemented

New York is about to change the game for businesses as it implements the Stop Hacks and Improve Electronic Data Security Act, or more commonly referred to as the SHIELD Act.

The new reforms will mean that New York State data standards get a dramatic upgrade with the attorney general’s office being provided with a whole new set of data security enforcement privileges.

The impact of the SHIELD Act will affect businesses that collect data from New York residents, bringing a new level of scrutiny for companies that handle personal information. Coming into effect on March 21st, beyond data breaches, the attorney general will be able to investigate companies where whistleblower complaints about data collection and handling have been made. This means that businesses who have had no data breaches will now be liable under the Act, and could face civil penalties if they are deemed to be inadequately handling data.

This follows the implementation of CCPA in California, and adds a layer of compliance for businesses that are not necessarily dealing with data theft or breaches, but are considered to have improper data handling processes.

One of the ways in which businesses can create more transparency about their data handling and data processes is through auditing, and data destruction. For many businesses, this can prove effective in demonstrating clear processes, where audit reports can be provided to law enforcement agencies and the state.

The new SHIELD Act is likely to be the first of many data laws that are enforced in the coming months as data collection and the handling of personal information face further regulation in the U.S. and internationally.

Is your business auditing its data handling processes for more transparency?

96% of businesses concerned with cloud security as majority suffer data breaches

A new survey with 3500 IT managers across 26 countries has revealed that a majority of businesses have suffered a breach over the past year, while 96% of companies were concerned about cloud security as a whole.

Conducted by Vanson Bourne, companies expressed their concerns over a number of issues in the survey, particularly data leaks and cloud security vulnerabilities. More than 70% of IT managers admitted that some form of security breach had taken place within the last year and businesses suffered from malware attacks, cryptojacking and a variety of data breaches. 

With new data laws and regulations in place in the U.S. and around the world, businesses that are fully integrated into the cloud are struggling to maintain a secure, digital landscape for their employees as well as their clients. 

Several high profile cases in the past few months have led to record fines being imposed by regulators as breaches become a primary focus for data security and businesses that operate in an integrated digital environment. 

With the lack of comprehensive data security policies to protect personal information, companies are still at risk of suffering substantial lawsuits should user data fall into the wrong hands. This goes for companies that also fail to secure and fully erase personal records from older, legacy systems. 

In the new era of cybersecurity, integrated web infrastructure and cross-border legal requirements on data handling, it is more important now than ever to create a safe environment online, while also ensuring a proper data disposal process exists within a company.

Businesses looking to securely erase their data and dispose of hard drives and magnetic media can explore using professional hard drive degaussers and hard drive destroyers. Degaussers ensure that data is magnetically erased from the medium, ensuring that it can’t be recovered later. This is especially important for government agencies, law enforcement and hospitals that handle sensitive data. Hard drive destruction can also render a hard drive inoperable once it has been magnetically erased.

Is your business securely erasing its data?