Security Engineered Machinery Donates to Local Eagle Scout Project for Children

February 6, 2020 at 6:48 pm by Paul Falcone

 

Benjamin Duby with his constructed Gaga Ball Pit.

Security Engineered Machinery donated monetary funds to the Eagle Scout project of Benjamin Timothy Duby of Worcester, MA. The project, which began in late 2019, was to construct a Gaga Ball Pit for the students of Wawecus Road School in Worcester, MA to be able to use during recess. Duby recruited family members and friends to aid in the construction after securing the funding from SEM and additional partners.

Benjamin worked as an intern for SEM in the past in both the manufacturing and shipping departments between his own school semesters. In his initial proposal for the project and funding, Duby stated: “Being a small elementary school, there is little budget for a playground and I noticed that another school one mile away had a playground that was much larger and more extensive. Building these pits will provide kids with a safe game to play at recess and a way to stay active.”

The pit, known as a Gaga Ball Pit, is a last person standing arena game where players of all ages bounce a ball towards each other in an attempt to make contact with a player below their legs. If a player is hit by the ball, they are out of the game, and this continues until there is a single player remaining.

“We’ve seen the work ethic and values that Benjamin holds when he has assisted us through his internship,” said Andrew Kelleher, President and CEO of SEM. “Therefore, when he asked if we were willing to help him and the children of Wawecus Road School, it was a very easy decision to make.”

Throughout the 52 years they have been in business, SEM has consistently given back to the community they’ve called home for the last half a century. In the last few months alone, SEM has donated hundreds of pounds of food to the Worcester County Food Bank, provided over 80 toys for less fortunate children from Westborough, MA over the holidays, and built a log cabin playhouse for a local veteran family.

Mr. Duby completed his Eagle Scout project on December 13th and passed the Eagle Scout board of review on January 28th, which is no small feat for a scout to achieve.

Gingerbread Smackdown!

December 23, 2019 at 8:26 pm by Heidi White

Here at SEM, we not only enjoy providing superior service and products to our clients, but also love having fun. This holiday season, we decided to have a gingerbread house competition and to allow our social media friends to vote on the winner. All seemed to be moving smoothly and easily at first: we asked for signups, made our teams, and scheduled the event for 20 December. Employees signed up to bring snacks and cider, the Culture Committee purchased gingerbread house kits for participants, and gingerbread builders were asked to bring in decorations for their houses.

That’s when things got a little heated.

Next thing we knew, employees were rushing into work with bags of candy  clandestinely tucked beneath their winter coats, water cooler conversations abruptly ended if a rival team member approached, and whispers about stained glass made out of Jolly Ranchers (!) could be heard.


On the day of the event, spirits were high and everyone was excited to get to work. Team #1 made a classic gingerbread house with marshmallow snow, a candy cane sign, and even a brick walkway. Rival team members cried foul when they saw the brick walkway, crying out, “Paper isn’t edible! Disqualified!” However, after an intensive internal review, the Culture Committee clarified the rules stating that there were no rules, and the competition continued.

Team #2 decided to create a non-traditional gingerbread house, and we will just leave that one right there.
Team #3 went all out with a complete gingerbread train, gingerbread tree, and gingerbread man. They made train tracks out of black licorice and brought glittery snow to put under it all. Rival teams (of course) called foul on the gingerbread train since it wasn’t “regulation” size, but the Culture Committee reiterated the rules – there are no rules – and the competition continued.


Throughout all of the bantering about regulation gingerbread trees and unfair paper walkways, and while Team #2 made their… well, let’s call it a modern art creation, Team #4 quietly and diligently worked to create their masterpiece, a traditional candy house complete with stained glass windows (yes, they went there), custom frosted trees, a pretzel fence, and Santa on the roof.


At the completion of the competition, we turned to social media for votes, and did our clients, friends, and family ever show up! After a weekend of voting, Team #4 was crowned the winner of the gingerbread house competition. And while the prize is lunch out for the winning team, the real prize is bragging rights.

And there has been plenty of bragging, to which the rest of say, “Until next year…”

Happy Holidays!

DIN 66399 Globally Standardized to ISO/IEC 21964

June 28, 2019 at 4:09 pm by Paul Falcone

The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), who together form the specialized system for worldwide standardization, have established a joint technical committee, ISO/IEC JTC, in the field of information technology. In August of 2018, ISO/IEC JTC internationally standardized the German Institute for Standardization’s DIN 66399 terms and principles for destruction of information technology data carriers. This standard, ISO/IEC 21964, is now being referenced by organizations on an international level when referring to data destruction requirements. The materials referred to in security levels are identical to those referenced in DIN 66399 and are as follows:

P — information in original size such as paper, film, and printing plates

F — information in miniaturized form such as microfilm and microfiche

O — information on optical data carriers such as CDs, DVDs, and Blu-ray Discs

T — information on magnetic data carriers such as floppy discs, ID cards, magnetic tape cassettes, mag stripe cards, and CAC IDs

H — information on hard drives with magnetic data carriers such as rotational hard drives

E — information on electronic data carriers such as memory sticks, RFID chip cards, solid state drives, and mobile communication equipment

P-7, shown above, is the standard for the destruction of classified material on paper

The ISO/IEC 21964 limits for particle sizes also have not changed from the DIN 66399 standard and remain as follows:

Paper Media

  • P-1: Particle size ≤ 2,000mmor strip width ≤ 12mm x unlimited strip length
  • P-2: Particle size ≤ 800mmor strip width ≤ 6mm x unlimited strip length
  • P-3: Particle size ≤ 320mm2or strip width ≤ 2mm x unlimited strip length
  • P-4: Particle size ≤ 160mmand for regular particles: strip width ≤ 6mm, such as our Model 5141P
  • P-5: Particle size ≤ 30mmand for regular particles: strip width ≤ 2mm
  • P-6: Particle size ≤ 10 mmand for regular particles: strip width ≤ 1mm
  • P-7: Particle size ≤ 5 mmand for regular particles: strip width ≤ 1mm or dissolved with particle size ≤ 5mmor shredded ash with particle size ≤ 5mm2 such as with our Model 244/4
NSA listed DVD shredder
O-6, shown above, is the standard for the destruction of classified material on DVDs and Blu-ray Discs.

Optical Media

  • O-1: Particle size ≤ 2,000mm2
  • O-2: Particle size ≤ 800mm2
  • O-3: Particle size ≤ 160mm2
  • O-4: Particle size ≤ 30mm2
  • O-5: Particle size ≤ 10mm2, such as with a Model 0201.
  • O-6: Particle size ≤ 5mmor shredded ash ≤ 5mmor melted compound, such as with a Model 0200 OMD/SSD with Cabinet Kit
  • O-7: Particle size ≤ 0.2mmor shredded ash ≤ 0.2mmor melted compound

Magnetic Media

  • T-1: Medium physically unusable
  • T-2: Medium broken into several parts and particle size ≤ 2,000mm2
  • T-3: Particle size ≤ 320mm2
  • T-4: Particle size ≤ 160mm2
  • T-5: Particle size ≤ 30mm2
  • T-6: Particle size ≤ 10mm2
  • T-7: Particle size ≤ 2.5mmor shredded ash ≤ 2.5mmor melted compound, such as a Model DS-400
H-3, shown above, is an approved method of destruction of classified material found on rotational hard drives, as long as the hard drive has been previously degaussed in an NSA listed degausser.

Hard Drive Media

  • H-1: Hard drive physically/electronically unusable
  • H-2: Data carrier damaged
  • H-3: Data carrier deformed, such as with a Model 0101 Crusher
  • H-4: Data carrier broken into several pieces and deformed and particle size ≤ 2,000mm2, such as with a Model 0305
  • H-5: Data carrier broken into several pieces and deformed and particle size ≤ 320mm2
  • H-6: Data carrier broken into several pieces and deformed and particle size ≤ 10mm2
  • H-7: Data carrier broken into several pieces and deformed and particle size ≤ 5mmor heated above Curie temperature
ssd shredder
A 2mm particle, shown above, falls under the E-5 category and is the standard for the destruction of classified material on solid state drives and devices.

Electronic Media

  • E-1: Media physically/electronically unusable
  • E-2: Media broken into pieces, such as with a Model 0101 with SSD Kit
  • E-3: Media broken into pieces and particle size ≤ 160mm2, such as a Model 0304 Combo Shredder
  • E-4: Data carrier (chip) broken into pieces and particle size ≤ 30mm2, such as a Model 0205
  • E-5: Data carrier (chip) broken into several pieces and particle size ≤ 10mm2, such as a Model 2SSD
  • E-6: Data carrier (chip) broken into several pieces and particle size ≤ 1mmor shredded ash ≤ 1mm2
  • E-7: Data carrier (chip) broken into several pieces and particle size ≤ 0.5mmor shredded ash ≤ 0.5mm2, such as with a Model SSD1-HS

Film Media

  • F-1: Particle size ≤ 160mmwhere 10% of the material may exceed the specified particle size, but shall not be more than 480mmin size.
  • F-2: Particle size ≤ 30mmwhere 10% of the material may exceed the specified particle size, but shall not be more than 90mmin size.
  • F-3: Particle size ≤ 10mm2  where 10% of the material may exceed the specified particle size, but shall not be more than 30mmin size.
  • F-4: Particle size ≤ 2.5mmwhere 10% of the material may exceed the specified particle size, but shall not be more than 7.5mmin size.
  • F-5: Particle size ≤ 1,0 mmwhere 10% of the material may exceed the specified particle size, but shall not be more than 3.0mmin size.
  • F-6: Particle size ≤ 0.5mmor shredded ash ≤ 0.5mmwhere 10% of the material may exceed the specified particle size, but shall not be more than 1.5mm2in size.
  • F-7: Particle size ≤ 0.2mmor shredded ash ≤ 0.2mmor dissolved. The particle size shall not be exceeded.

For more information, please visit our DIN 66399 (ISO/IEC 21964) page here.

The NSA EPL: The Policy that Protects Your Data

June 14, 2019 at 6:40 pm by Paul Falcone

In today’s world the amount of personal data that is accessible in your hands continues to grow by the day. As our data grows, so does our security concerns about how our data is accessed and how it should properly be destroyed. Luckily, there is a guideline that continues to update the products that are proven to destroy data to the point of no return: The Evaluated Product List (EPL) by the National Security Agency/Central Security Service.

What is the NSA EPL?

The NSA EPL is a series of lists that breaks down what devices have been tested and approved by the NSA to meet the necessary physical destruction requirements for all types of data bearing media. Some of these final particle sizes for top secret data are a 1mm x 5mm final particle size for paper and a 2mm particle size for DVDs and Blu-ray Discs. There are seven lists total, as well as a guide that cover a variety of devices used to destroy different media that can hold and store sensitive data. The lists are as follows:

  • NSA/CSS Storage Device Sanitization Manual
  • NSA/CSS Evaluated Products List for Hard Disk Drive Destruction Devices
  • NSA/CSS Evaluated Products List for Magnetic Degaussers
  • NSA/CSS Evaluated Products List for Optical Destruction Devices
  • NSA/CSS Evaluated Products List for Paper Disintegrators
  • NSA/CSS Evaluated Products List for Paper Shredders
  • NSA/CSS Evaluated Product List for Punched Tape Disintegrators
  • NSA/CSS Evaluated Product List for Solid State Disintegrators

For links to the latest lists, click here.

Why is the NSA EPL Important?

On January 23, 1968 the U.S.S Pueblo was in international waters aiding South Korea and gathering and intercepting codes and messages from the North Koreans when the ship became under siege. Crew members attempted to destroy the cryptologic materials that were used to decode secret messages, with one man being killed and three wounded. The North Koreans ended up seizing the ship and all of its crew, keeping the 82 surviving members crew members captive for 11 months. The event represented the largest single loss of sensitive data in US history. It was this very event that actually inspired the creation of the very first SEM disintegrator, as SEM founder Leonard Rosen sought to find a solution for the navy to destroy data in case this ever happened again.

uss-pueblo
Original oil painting depicting North Korean attack by artist Richard DeRosset commissioned by SEM. North Korean ship and aircraft numbering is exact for the attacking forces.

On February 1st, 2003, the Columbia space shuttle tragically disintegrated upon reentering the earth’s atmosphere after 17 days in space. As the pieces of the shuttle burst into flame and hurled towards Earth at high speeds, a hard rive that contained data from the exhibition landed in a river bed in Texas. This hard drive stayed in the riverbed for over six months through all forms of weather until it was discovered and sent to Ontrack to attempt to recover the data.

A look inside the drive that fell from the Columbia shuttle

After a team of engineers got to work, they were able to reconstruct the rotational drive and recover over 99% of the data on the drive. A drive that fell from outer space, on fire, into a riverbed for over six months was able to have its data recovered.

What do these stories have to do with the NSA EPL? Without a set of standards, what people would consider destroyed, or how people would think data is protected, would be very, very, different from what is actually needed to ensure complete physical destruction. By having these standards and a push for devices that can meet these standards, data that needs to be protected to keep people safe around the world can be properly disposed of. This ranges from your own  Personally Identifiable Information (PII) to our nation’s and military’s largest secrets that protect millions of lives.

That means whether it’s designing destruction machines that fit specific dimensions of naval ships, or building a shredder that can destroy hard drives better than falling through the atmosphere, the NSA EPL has the specifications that ensure all data has a proper end-of-life solution.

At SEM, we take pride in being the global leader in high security end-of-life solutions. As such, we are constantly ensuring that our machines are meeting the latest standards provided by the NA, and using our expertise to educate the community at large to keep data of both the government and US citizens safe.

 

The Poorly Stitched Patchwork of US Data Security Policy

May 9, 2019 at 5:24 pm by Paul Falcone

Every few months it seems like we have a new data breach that exposes hundreds of thousands – if not millions – of individual’s personal and private data. From the Equifax leak in 2017, to Yahoo in 2013, to the Marriott in 2018, customers are losing faith in companies to properly handle their private data. In fact, as of 2017, over 64 percent of Americans have personally experienced a data breach, and with the latest leaks over the last two years, it’s fairly safe to assume that the number has grown even higher.

As the rest of the world continues to move towards a singular, comprehensive, and consumer-focused data security protection plan, the United States continues to fail to pass any meaningful legislation. This lack of forward movement, coupled with the fact the U.S citizens are more concerned for their data than ever, has led to individual states taking the responsibility onto themselves. The problem, however, is this only makes more headaches for both consumers and companies as a whole.

So what laws are in place right now?

Right now, instead of a unified regulation for personally identifiable information (PII), individual industries are given regulations. The healthcare industry and the credit card industry are two examples of this, governed by HIPAA (Health Insurance Portability and Accountability Act) and PCI-DSS (Payment Card Industry Data Security Standard), respectively. While having some sort of regulation can provide clarity for companies and more transparency for citizens, the truth is states can pass their own regulations within these industries, making a state by state case of how a singular company might have to respond. Confusing, right?

To fix this, some states, like California, have decided to try and lay the groundwork for a more uniform consumer-focused, approach. The California Consumer Privacy Act (CCPA) that was passed in 2018 will be going into effect January 1, 2020 and looks a lot like Europe’s General Data Protection Regulation (GDPR) that went into effect in 2018. The Act, which would affect any company who does business with customers who are citizens of California, would provide the following protections to consumers:

    • A consumer must be notified of what personal information is being collected, how it is collected, and whether it will be disclosed or sold.
    • Consumers must have the right to easily opt out of having their personal information sold.
    • Consumers must be informed that they have the right to have their personal information deleted. The process to do so must be easy and straightforward.
    • A consumer exercising these new rights cannot be discriminated against as a customer for opting out of any data sharing or for having their information deleted.

This is a good start for not only consumers in California, but across the U.S. As stated above, this Act would affect any company that does business with consumers in California; meaning that companies that exist in other states, but still sell to California, will be affected.

Other states including Colorado and New York also have their own state laws that they have passed. In Colorado, the Protection for Consumer Data Privacy Act was passed in September 2018, while in New York the Stop Hacks and Improve Electronic Data Security Act was first introduced in 2017. In fact, 35 U.S. states currently have some form of data privacy and disposal regulation in place. And all of these regulations have variations from the California Act, which makes it even more difficult for companies to comply to when doing business across state lines.

 

So why isn’t this happening at the federal level yet? There seems to be bipartisan support with bills being submitted from both sides of the aisle, but progress has been slow. As these data breaches continue to happen, policy at the federal level will have to jump in sooner or later.  Over the last year, five separate bills have been drafted and submitted to Congress with varying takes on the governments roll on regulation. The bills include the following:

    • The Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act by Richard Blumenthal (D) and Ed Markey (D).
    • The Social Media and Consumer Rights Act of 2018 introduced by Amy Klobuchar (D) and John Kennedy (D).
    • The Consumer Data Protection Act introduced by Ron Wyden (D).
    • The Data Care Act introduced by Brian Schatz (D).
    • The American Data Dissemination Act (ADD) introduced by Marco Rubio (R).

Each of these bills looks at the issues of data security from a different point of view and has various opinions on the role of government, how much access a customer should have, and what the consequences for responsible parties should be in the result of infractions.

The CONSENT Act by Blumenthal and Markey was proposed in April of 2018 and looks to have the Federal Trade Commission (FTC) draft a set of federal rules around suggested guidelines. These suggestions are for the consumer to have to opt-in to have their data collected and used as opposed to having to opt-out, like so many companies do now. The Act also suggests that the consumer would have the right to know, if they opted in, how their data was used and to whom it was going. It would also prohibit companies from refusing service to consumers who refuse to share their data.

The Social Media and Consumer Rights Act of 2018 was introduced in April of 2018, just two days after the CONSENT Act. The Act was drafted by Klobuchar and Kennedy and shared many similar ideas to the CONSENT Act. This Act aimed to make data collection from companies more transparent and give the consumer the ability to both opt out of data collection and the ability to view what data has been collected. A following key point was that in an event of a data breach, all affected parties must be notified within the first 72 hours of detection. The FTC would be the governing body and individual states attorney generals would act as the civil enforcement.

The Consumer Data Protection Act by Wyden was introduced in late fall 2018 and carries a lot of the same ideas as the previous two. The Act suggests that consumer have the right to opt out instead of opting in to data collection, and that companies be more transparent with how the data is used. He also suggests that the FTC be provided with increased funding to be able to properly oversee these new regulations. However, the big difference in senator Wyden’s Act comes from the penalties companies should face.

In the Act, Wyden suggests that any company that has revenue exceeding one billion dollars or warehouse data on over 50 million customers must submit an “annual data protection report” to the government detailing the steps taken by the company that year to protect customer data. The catch is that if there is any misinformation or attempt to willingly mislead the FTC, there can be a five million dollar fine and up to 20 years in prison for executives. The severity of the penalties make it a strong contrast to the two acts the came before it.

Next was Brian Schatz’s The Data Care Act, which was proposed on December 12 in 2018 and builds on all the bills proposed before it. The Act calls for companies to be more secure in handling their consumers data and states that consumers must be notified in the event of a data breach. The FTC would be given the power to penalize companies that are misusing consumer data, as well as hold them responsible for all information given to third parties that originated within that company. The Data Care Act broke down its mission into these bullet points:

    • Duty of Care – Must reasonably secure individual identifying data and promptly inform users of data breaches that involve sensitive information.
    • Duty of Loyalty – May not use individual identifying data in ways that harm users.
    • Duty of Confidentiality – Must ensure that the duties of care and loyalty extend to third parties when disclosing, selling, or sharing individual identifying data.
    • Federal and State Enforcement – A violation of the duties will be treated as a violation of an FTC rule with fine authority. States may also bring civil enforcement actions, but the FTC can intervene.
    • Rulemaking Authority – FTC is granted rulemaking authority to implement the Act.

The Data Care Act had the largest following, with 14 other Congress members co-sponsoring the proposal.

Rubio’s American Data Dissemination Act takes a different angle. Proposed in February 2019 with no co-sponsors, his bill suggests that the FTC themselves draft up the rules, like the CONSENT and Data Care Act, and send them to Congress for approval. It is stated that the FTC would seek to create rules for the “tech giants” while exempting smaller companies from the same rules, allowing them a chance to be competitive within their industries. The Act would prioritize consumer welfare over corporate welfare and would preempt state law, meaning that this would supersede the state laws that are being drafted and implemented in individual states. Unlike the previous proposals, Rubio’s was more open to the FTC drafting the ruleset with fewer suggestions beforehand from him directly.

So where are we now?

While none of these proposals have gained a lot of traction, they serve as a spark that spreads into a conversation among consumers, politicians, and companies alike. The fact that these proposals keep coming show that it’s not a matter of if, but a matter of when the U.S. will have a federal data privacy policy.

Around the world, Europe, Japan, and Canada are all making uniform approaches to keep data security laws the same across their countries. This makes the guidelines easy to follow for companies and easy to understand for consumers. In Europe, GDPR has seen a launch with increased consumer rights and companies already being penalized for failing to comply. Canada had the Personal Information Protection and Electronic Documents Act (PIPEDA) go into effect November 1, 2018, further protecting the personal information of their citizens and holding companies responsible for breaches. In Japan, a Personal Information Protection Commission was created to enforce a regulation that would be in compliance with GDPR’s new guidelines.

Soon the U.S will have to follow suit, and it will make everyone’s data safer in the process. But it’s not hard to make something that is safer than the poorly stitched together patchwork of polices that we have in place now. A patchwork where we’re one data breach crisis away from it all ripping apart.

Security Engineered Machinery is the Global Leader in High Security Information End-of-Life Solutions. 

 

 

 

 

Kind Words from DT Asia

August 23, 2018 at 12:45 pm by Heidi White

“We appreciate SEM and team’s dedication to quality service. Very rare to find such old school philosophy with the new age workforce nowadays.”

—David O., DT Asia Group

 

A Note on Chris Hunt, Technical Support Specialist

August 22, 2018 at 7:45 pm by Heidi White

“I also wanted to send a few words about Chris Hunt, the unassuming guy that showed up for the last maintenance call. I wanted to let you know, he did THE best service call ever done on my machine.  His thoroughness and attention to detail blew me away. Every little I dotted and T crossed. Not only does it sound like it is running in top shape, it actually IS running smoother and better than it ever has. Kudos to the man!”

—Richard S., Naval Submarine Base Kings Bay

A Note on Paul Dettmer, Service Technician

at 7:35 pm by Heidi White
Paul Dettmer, Service Technician

“I wanted to drop a quick note to let you know how helpful and professional Paul was while at our building.  He took the time to work through the equipment, perform the PM [preventive maintenance], and offer suggestions on how to avoid any future issues with our equipment. He also made the effort to answer a few questions we had about new equipment we might need later down the road and was very knowledgeable about the various machines and their capabilities. We greatly appreciated his time, effort, and knowledge during this call and wanted to make sure that was passed on.”

—Brandon A., US Department of Justice

Data Destruction from 1980-2014: a Retrospective

June 1, 2014 at 5:01 pm by SEM

After 34 years in the information destruction industry, I am finally riding off into retirement or to use a famous golf analogy, “I am on the back nine.”…..actually, I am on the 18th hole walking toward the clubhouse. I would like to take a moment to reflect on the various changes in the shredding industry (if any) and mention a few of the accepted methods used today to destroy the most common forms of media.

What’s changed: Back in the early 80’s, or as far back as I can remember, the most common acceptable methods of destroying paper was incineration or disintegration. Both methods are still in use today but incineration is less common due to environmental restrictions and inconvenience. Back in the day, high security cross cut shredders were not yet approved for top secret level paper. Disintegrators, which pulverize paper into tiny bits, was the most common destruction method with most federal government organizations and private industry companies that were tied directly to the defense industry. Disintegrators were first introduced by SEM back in the mid 60’s and due to their ruggedness & versatility, are still used today to destroy a variety of media forms.

When classified top secret paper shredders finally arrived on the scene in the early 80’s, the approved shred size was 0.8 x 11.1 mm (1/32″ × 7/16″). Events in history, including the Iranian US Embassy hostage takeover and the episode with Colonel Oliver North shredding the Iran –Contra documents in the late 80’s, created a significant public awareness on document shredding.

In the mid 80’s, it was uncommon to see the general public or non-government companies shredding sensitive documents. In October 2008, the government established a new set of guidelines requiring an even smaller (1mm x 5mm) shred size for top secret paperwork. In government circles, this is referred to level 6 / P-7 or NSA approved.

 

What happened to the Paperless Society ? When microfiche arrived  (are you old enough to remember micro fiche?), it was common to hear people say that we have finally entered a “ paperless society”. I remember how scary it was for a young sales guy to hear that statement, especially when you are trying to make your living selling paper shredders. From a security standpoint microforms, which included mostly micro fiche and 35mm film, created somewhat of a destruction issue due to the fact that it was a reduced image material that required extreme destruction standards. Imagine that, a whole book on one sheet of film. At the time, the government destruction standard for microforms was a dust-like particle. Back then, there were very few approved microfiche shredders on the market and they could only shred very small amounts at a time. It was a tediously slow process.

What hasn’t changed: So here we are in 2014. We have our high speed super computers storing information on a variety media including: CDs/ DVDs, data tapes, hard disk drives, solid state drives and all kinds of media too long to mention that is storing sensitive information. Even though these forms of media are supposed to reduce the amount of paper, the paperless society never materialized and paper is still here in force. The way in which information is stored may have changed but what has not changed are the methods to eliminate the information. In the end, whether its paper or optical disks or data tapes or hard drives, shredding is the most accepted method to delete the data.

I will now move on to another great challenge in life for me, breaking 100 (of course, I am referring to golf). See you at the 19th hole!