How to Recycle Technology Responsibly (without compromising your security)
Did you ever wonder how to recycle technology responsibly? Earth Day is a good time to think about how our daily lives affect the planet we call home. If you’re like us, staying updated with the latest gadgets often results in boxes full of outdated tech. With Spring in the air, it can be tempting to just toss all that tech in a fit of Spring cleaning fever, but don’t be too hasty!
Did you know that old computers and gadgets often contain toxic chemicals that seep into the ground from landfills? What about the possibility of scavengers harvesting sensitive financial data from one of your tossed PCs? Never fear, there are ways to recycle technology responsibly without hurting the earth (and without compromising your sense of security). Follow these simple steps and you’ll be well on your way to a cleaner home – and a healthier planet!
-
Avoid throwing batteries in the trash
Batteries contain toxic chemicals which leak into the soil from landfills. These chemicals eventually wash down into our watershed and can get into the water supply. This affects everybody! Many grocery and department stores now have battery recycling drop-offs where old batteries can be recycled the safe way. This goes for rechargeable batteries as well. Not sure where to drop them off? Lowe’s hardware started a rechargeable battery recycling program in 2004.
Also, keep in mind that most hardware (such as laptops, PCs, game consoles, etc) have batteries embedded inside. These should also be removed and recycled separately before recycling the rest of the hardware. If you’re not sure how to remove the battery from your device, searching Google for your device name and “remove battery” will usually provide step-by-step instructions.
-
Wipe your data first!
Recycling a computer or device that holds personal or financial data? Be sure and clean out any internal storage drives and thumb drives completely before hauling them away. Format these drives using a full wipe option (erase everything). Do not select the “quick wipe” options since those do not fully remove data from the disk. Many programs even offer “multi-pass” wiping for added security, but you really only need to wipe the data once. Multi-pass grew in popularity due to an urban legend and now only serves to ease the paranoia of the uninformed.
-
Donate your tech if possible
If your product is still functioning and might still have some use, consider donating it to a reputable reuse organization. These organizations will refurbish products and donate them to schools and charities wherever needs arise. A couple of good ones include The National Cristina Foundation and World Computer Exchange. Some local robotics teams and HAM radio clubs also seek laptops and monitors for their organizations, seek them out and see if they would like any of your items.
-
Take your computers to a responsible e-Steward in your state
If your product is too old or broken down to donate, the next best thing is to recycle it. Although any recycling program is better than none, the best option is to use one which takes part in the “e-Steward” network. These follow high standards to ensure that nothing goes to waste or ends up shipped overseas to landfills in developing nations. E-Stewards are located all around America – click here to find one near you.
-
When all else fails…
If you cannot locate a technology recycling program near you, many big-box retailers offer their own programs. Staples and Best Buy, for example, will be more than happy to recycle your old devices and computers for you. If you don’t have one of these stores nearby, most manufacturers also offer their own free recycling programs which allow you to ship them the hardware from anywhere. Contact each manufacturer directly to find out how to take part. The manufacturer’s website often contains detailed information as well.
-
What about this smart phone?
After wiping your data clean and resetting your phone to factory default settings, cell phones can be shipped to one of several nationwide recycling programs which specialize in providing this service. Call2Recycle is one such well known and respected program. Best Buy also maintains cell phone drop-off recycling kiosks near the front of their retail locations.
Website Privacy: I Like Big Data I Cannot Lie
By now, most people understand that websites collect data behind the scenes (often without notice). You may even opt to volunteer information by filling out and submitting an online form. But what rights do the website owners have to your data? Who can they share it with? What are your rights?
These are all great questions that we’ll talk about in this article.
Privacy Policy
[space10]
Every website which collects data should publish a Privacy Policy. This is not only for the users’ sake but also to protect the website’s owners. This privacy policy should explain how the site owners may use and disclose your data, the types of collected data, and how a user can contact the owner if they have concerns.
Okay, so now you know where to look to find out how your data is being used and what your rights are. But what if you want to submit confidential information? If you own the website, how do you keep confidential information secure?
SSL Certificates
[space10]
SSL (Secure Socket Layer) certificates are the modern standard in website security technology. When you visit a site that has a properly installed certificate, a secure link is established between the web server and your browser. This link ensures that the data passed between these two points remains private and confidential. When you complete a form on an SSL secured website you can be assured that your data will be protected against interception. Even if it somehow gets intercepted by an unintended 3rd party, that person would only see garbled nonsense. Modern 256-bit encryption is so secure that even if 70 billion modern processors were focused on cracking a single value, it would still take 77 septillion years to crack it (that’s 77 followed by 24 zeros)!
You can tell if a website is protected by an SSL certificate by looking at the URL of the page you’re viewing – check if it starts with https:// (the “s” stands for secure). Also check to the left of the address to make sure a green padlock appears (or its equivalent in your browser of choice).
Data Process Protection
[space10]
As a user, once you verify that the site is SSL secured and has an agreeable Privacy Policy, clicking “Submit” still transfers control of your data over to the website’s owner. As an owner, it is important to regularly review internal protocols to make sure that you are living up to the published Privacy Policy. If your form has the potential to collect identifying healthcare information, this becomes a mandated legal requirement.
Online Form Sent to Email
[space10]
Some online forms send data directly to the recipient’s email address. Email is still one of the least secure forms of online communication. Often an email will get copied and stored in plain text on several servers during routine transit – a footprint which doesn’t disappear for years. For this reason, you should never email confidential information unless both the sender and recipient are using end-to-end encryption.
Products like Proofpoint offer email encryption for organizations. They also have products which scan incoming and/or outgoing email to ensure that their organization is not sending or receiving sensitive data – those emails get stopped by the gatekeeper. These are great tools to minimize risk.
Online Form Sent to 3rd Party Program
[space10]
There are many 3rd party products available that encrypt online form submissions and send them to a secure document server for retrieval using a private decryption key. The intended recipient may receive an email about the form but the email will not contain any actual data. You will still need to review the 3rd party product you’re subscribing to and ensure that their security procedures are adequate.
Appletree MediaWorks has experience collecting and securely storing online data and documents for our clients. We would be happy to discuss your company’s security needs.
Key points to a secure data system include:
- SSL Certificate on the entire website (this makes Google happy too)
- Secure Passwords and separate accounts for each user
- Document encryption and decryption process
- Document authentication and retrieval system
- A Web Application Firewall
- Storing documents outside of the live website
- Retrieving and viewing the uploaded documents only through SSL
- Audit report with logins, document access logs and IP addresses
- A procedure for truly deleting information off of servers and computers (multi-pass)
- MySQL injection prevention
- Training staff on proper privileged document handling procedures
Improper Data Procedures
[space10]
My family recently had an experience with an insurance company that collected lots of personal information on their paper application forms. They insisted on using paper applications because they were more “secure”. They cited concerns that the data might be hackable if it was online. As an IT professional, I knew it would be much easier to steal paper from a desk than it would be to hack it from a secure environment. But I trusted that this professional company had staff trained on proper document handling procedures.
The company then made a simple and foolish mistake. They scanned in our application and attached it to an email and sent it back to me with a question. We had a long discussion about the risk they just put our family in by sending this form over email. As IT professionals, we offered them other workflow options that did not involve sending secure data through insecure channels. They are now paying for identity theft services for our family because of their mishandling of our secure information. This is a good example of how improper training and knowledge of these issues can become very costly for a company – and how the right knowledge can help you hold companies accountable when and if your data is ever compromised.