NEWS RELEASE     FOR IMMEDIATE RELEASE

D3 Granted New Patent for Data Destruction on Optical Media

July 13, 2010 Fort Myers, FL -­­­ Digital Data Destruction (D3, Inc.) today announced that it was granted a new patent on its method and process to safely destroy the digital data contained on Optical Discs.  The patent award by the United States Patent and Trademark Office, # 7,753,762 adds to four previously awarded US and foreign patents in this exclusive niche. The new technology covered by this optical disc data destruction patent also anticipates a new more stringent National and International standard to destroy digital data due to emerging forensic recovery techniques.  This patent covers processes and technology which will continue to insure complete and total destruction of clients’ data in an efficient and economical fashion while addressing the rapidly growing need to comply with the data destruction requirements of HIPAA, Gramm-Leach-Bliley, FACTA and Sarbanes-Oxley Federal legislation and the NIST standard as outlined in SP 800-88.

The patent claims allow D3 to exclusively employ several unique methods to destroy the digital information contained on optical discs independent of where the data resides on the specific type of media.  Continuing unpublished work at eTriage and at other organizations has scientifically proven that many alternative processes currently used by commercial interests which rely on an antiquated paper shredding model or dimpling processes, keep significant amounts of data on the discs.  Government or commercial interests using unsafe technology invite serious financial and legal liabilities. This new technology from D3 provides the industry with Tier 5 equipment which is beyond forensic recovery.

Dr. Hutchison, President  and CTO of D3, Inc., said of this most recent patent award, “D3 continues to innovate and develop new processes and equipment which can be used to safely destroy digital data on electronic media, once that information is obsolete or has reached it’s end-of-life usefulness. ”

About D3 Services

D3 Inc. is a Wisconsin C Corporation formed in 2004 to offer high end digital data destruction equipment and services for the verifiable destruction of data on digital media.  The Company has a large secure facility in Wisconsin and a branch office in Fort Myers.  D3, Inc. is affiliated with CD Rom, Inc. and eTriage, Inc.

For further information on D3, please contact us or visit our web sites.

www.eTriage.us
www.d3services.com
www.cdrominc.com

Contact:

CBS News
www.cbsnews.com
By Armen Keteyian
Retrieved May 3, 2010
Go to Original Article

(CBS)  At a warehouse in New Jersey, 6,000 used copy machines sit ready to be sold. CBS News chief investigative correspondent Armen Keteyian reports almost every one of them holds a secret. 

Nearly every digital copier built since 2002 contains a hard drive - like the one on your personal computer - storing an image of every document copied, scanned, or emailed by the machine. 

In the process, it's turned an office staple into a digital time-bomb packed with highly-personal or sensitive data. 

If you're in the identity theft business it seems this would be a pot of gold. 

"The type of information we see on these machines with the social security numbers, birth certificates, bank records, income tax forms," John Juntunen said, "that information would be very valuable." 

Buffalo Reacts to CBS News Investigation 

Juntunen's Sacramento-based company Digital Copier Securitydeveloped software called "INFOSWEEP" that can scrub all the data on hard drives. He's been trying to warn people about the potential risk - with no luck. 

"Nobody wants to step up and say, 'we see the problem, and we need to solve it,'" Juntunen said. 

This past February, CBS News went with Juntunen to a warehouse in New Jersey, one of 25 across the country, to see how hard it would be to buy a used copier loaded with documents. It turns out ... it's pretty easy. 

Juntunen picked four machines based on price and the number of pages printed. In less than two hours his selections were packed and loaded onto a truck. The cost? About $300 each. 

Until we unpacked and plugged them in, we had no idea where the copiers came from or what we'd find. 

We didn't even have to wait for the first one to warm up. One of the copiers had documents still on the copier glass, from the Buffalo, N.Y., Police Sex Crimes Division. 

It took Juntunen just 30 minutes to pull the hard drives out of the copiers. Then, using a forensic software program available for free on the Internet, he ran a scan - downloading tens of thousands of documents in less than 12 hours. 

The results were stunning: from the sex crimes unit there were detailed domestic violence complaints and a list of wanted sex offenders. On a second machine from the Buffalo Police Narcotics Unit we found a list of targets in a major drug raid. 

The third machine, from a New York construction company, spit out design plans for a building near Ground Zero in Manhattan; 95 pages of pay stubs with names, addresses and social security numbers; and $40,000 in copied checks. 

But it wasn't until hitting "print" on the fourth machine - from Affinity Health Plan, a New York insurance company, that we obtained the most disturbing documents: 300 pages of individual medical records. They included everything from drug prescriptions, to blood test results, to a cancer diagnosis. A potentially serious breach of federal privacy law. 

"You're talking about potentially ruining someone's life," said Ira Winkler. "Where they could suffer serious social repercussions." 

Winkler is a former analyst for the National Security Agency and a leading expert on digital security. 

"You have to take some basic responsibility and know that these copiers are actually computers that need to be cleaned up," Winkler said. 

The Buffalo Police Department and the New York construction company declined comment on our story. As for Affinity Health Plan, they issued a statement that said, in part, "we are taking the necessary steps to ensure that none of our customers' personal information remains on other previously leased copiers, and that no personal information will be released inadvertently in the future." 

Ed McLaughlin is President of Sharp Imaging, the digital copier company. 

"Has the industry failed, in your mind, to inform the general public of the potential risks involved with a copier?" Keteyian asked. 

"Yes, in general, the industry has failed," McLaughlin said. 

In 2008, Sharp commissioned a survey on copier security that found 60 percent of Americans "don't know" that copiers store images on a hard drive. Sharp tried to warn consumers about the simple act of copying. 

"It's falling on deaf ears," McLaughlin said. "Or people don't feel it's important, or 'we'll take care of it later.'" 

All the major manufacturers told us they offer security or encryption packages on their products. One product from Sharp automatically erases an image from the hard drive. It costs $500. 

But evidence keeps piling up in warehouses that many businesses are unwilling to pay for such protection, and that the average American is completely unaware of the dangers posed by digital copiers. 

The day we visited the New Jersey warehouse, two shipping containers packed with used copiers were headed overseas - loaded with secrets on their way to unknown buyers in Argentina and Singapore.

The National Institute of Standards and Technology released the new SP 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) . These guidelines establish recommendations for protecting all Personal Identifiable Inforamtion within and organization. 

Across the board ban lifted for mission critical applications

The Defense Department was able to lift a ban on portable storage devices such as thumb drives because of changes to DOD computer systems that make the devices safer to use, Vice Adm. Carl Mauney, deputy commander of the U.S. Strategic Command, said today. But that doesn't mean personnel have carte blanche. DOD still maintains strict rules for the devices.

“After extensive testing of mitigation measures, DOD decided to make this technology available again on a strictly controlled basis on DOD computers,” Mauney said via e-mail. “Since the order restricting use of removable media, DOD developed capabilities and processes that allow safe use of these devices. Removable media use will be limited to mission-essential operations, and only after strict compliance requirements are met.”

The new policy, issued Feb. 12, only applies to government-procured and government-owned devices, Mauney said. Personally owned devices are still barred from all DOD networks and computers. Flash media can only be used as a last resort to transfer data from one location to another, and only when other authorized network resources are not available, he said.

For now, Army officials plan to keep the ban on flash drives in place, according to the Army News Service.

“We are currently conducting mission analysis in order to provide guidance for the Army's safe return of thumb drives and flash media,” officials from the Army Global Network Operations Security Center said, according to the news service.

The ban was issued in November 2008 after a virus was found to be spreading through military networks by copying itself from one removable drive to another. The ban covered all forms of USB flash media, such as thumb drives, memory sticks and cards, and camera memory cards, as well as some other removable media.

Retrieved February 10, 2010
http://www.pgp.com/

The 2009 Annual Study: Cost of Data Breach has just been released.
This is provided by PGP Corporation and the Ponemon Institute.  This survey documents the high costs that result when companies lose customer data.

Download your copy

NEW! 2009 Annual Study:
Cost of a Data Breach

The Paper Paradigm:

A Call for a New Electronic Standard
to Govern Digital Data Destruction

By Roger Hutchison
President, CD ROM, Inc.
August, 2009

  Click here for the article in PDF format