LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Regulations for PII/PCI (Beware of off center humor per Bruce's warning)
From:	Hugh Smith <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Thu, 14 Apr 2016 13:17:34 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (56 lines)

> From: DEBI TADD <[log in to unmask] <mailto:[log in to unmask]>>
> Subject: Regulations for PII/PCI
> Date: April 13, 2016 at 12:17:35 PM EDT
> 
> 
> Our CIO is under the impression that PII and PCI can not be maintained in
> the cloud.  The research we have conducted so far, talks a lot about the
> security that must surround this type of data, but nothing about where is
> can and can't be stored.
> 
> Has anyone had any experience with a regulation that contradicts this?  Is
> there a European regulation that governs where data can be stored?
> 
> Any and all feedback is welcome.
> 
> 
> *BBVA Compass *
> 
> *Debi Tadd*
> *Information Lifecycle Management, AVP*

Typically the information I provide is based more on anecdotal experiences that chapter and verse out of a records management book.

In discussions I have with clients, the problem is that the Cloud offers its low cost service of storage of data ( records, electronic records, email) with a engineered model of using the information assets that are stored in their Cloud as future data banks for their use, research, marketing data and buying trends and other purposes they do not even know yet.  Their fascination with these large data banks is a result of their perception that faster and faster processing and data crunching will yield untold benefits.  They include in their software agreement in many cases a stipulation that the information transfer from your ownership to their ownership in approximately five years.

They make no guarantees that they will protect it and their liability if it should disappear or become entangled in ransomware is minimal liability at best.

So we find ourselves with certain clients that having some bad experience ( #!!*&$$%#, Sacre´Bleu, Oh mon Dieu! ) pardon my French, where they now are looking for a way to protect that which they discovered was not protected.  Snowden, Panama, Aetna, the Homeland Security personnel files and on and on.  Just ask the Cloud legal department for their representation of what they are willing to cover liability-wise.

Certainly the European Union places extra concern for corporations but it is practical experience that is waking some people up.

In 30 years, no one ever hacked a back-up tape in store.  Statistics show it is far less expensive by a factor of 15 times to store data on tape than on line and far more accurate compared to the Bit Error Rate (BER).

The Cloud makes a sham of Information Governance because there is none.  But I have found many just add in a cost of doing business so Target and Home Depot increase their prices by $0.002 per item and go on with unsafe practices.  I just returned from the NAID show and the rate the corporations are shredding paper records is phenomenal.  From 100 companies doing it to over 1,000.  At the same time boxes in storage have contracted by 300% so the life on a shelf is not 16 years, but no less than 5.  The offsite storage industry has contracted from 900 companies to now less than 250.

If Big Data has access to all the files of every store and the consumer’s credit card pretty soon you see it in your email.  I get ads for CVS; where I buy my prescriptions and they offer me coupons on Mountain Dew and chocolate covered graham crackers and Claratin. (Whoa, it is as if they read my mind?)  I started buying super large dog biscuits so the crooks will think I have a huge dog.  See how you can use their pilfering of our vital information to protect ourselves.  Plus with all the Mountain Dew… guess what?  I am always awake.

The Cloud is horrible for privacy.  Over time I click on the “Agree” button on my iPhone I cringe. Same with my iPad.  They give me no option.  If I don’t agree my phone quits working.  And no matter how many times I tell them I don’t want my family photos in the Cloud they end up there.  And for some reason Dropbox now has them too!  No one is smart enough to figure out all the ways they steal our Personal Information.  ( Well maybe Fred, (Fred is even now replying about my horrible misuse of French)  Larry, Peter, Gary, David and all the wives in the world.  Wives invented data sifting and forensic receipt analysis long before the FBI figured it out. )

Records stored in Clouds are 100% chance they will have issues. Back-up encrypted tapes, in offline status, in offsite protected storage are infinitely more safe.  But I believe it is too late for most.  Banks and Medical are starting to react but retail and service companies don’t care.  As your Mam so wisely told you “If you want something done right!  You have to do it yourself.

Bruce, just for you… What is Forrest Gump’s  secret password??
1forrest1

Admit it!  You laughed.  And you will tell somebody that joke soon.

Hugh Smith
FIRELOCK Fireproof Modular Vaults
[log in to unmask]
(610)  756-4440    Fax (610)  756-4134
WWW.FIRELOCK.COM
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US