Kick ACE Blog
Hi! I'm Bob McCarthy
I write things
February 18, 2021
Looking for a New Sustainability Objective?
Is your organization looking for a way to meet your 2021 sustainability objectives? After years of coming up with programs such as recyclable trash cans in the lunchroom, recyclable paper bins in the front office, or upgrading light fixtures to LED lighting to reduce power consumption, many companies are on the search for their next sustainability initiative.
Imagine incorporating a plan in 2021 that would lead to protecting workers' health both domestically and abroad, reducing your organizations' carbon footprint, and showing a commitment to environmental stewardship. Imagine being able to look at your shareholders and tell them because of this new initiative, you are also reducing significant risk from a legal compliance and branding perspective for the organization. What one initiative can make such an impact you ask? Simple. Verifiable responsible recycling of your old electronic equipment.
Did you know that the earth's annual e-waste could grow to 75 million metric tons by 2030? That is a pretty large pile of discarded electronics!! Unfortunately, this amount of e-scrap can also have a significant negative impact on the environment and human health and safety. An example of this can be found in Guiyu, China, commonly known as the world's largest e-waste dumping site. Here, the blood lead levels in children are significantly higher than the children in neighboring communities. Why you ask? The answer lies in the primitive e-waste recycling activities found in many developing countries. These primitive practices destroy the environment and, in turn, harms human health. Unfortunately, most companies in the United States today do not understand what impact their discarded electronics can have on the world today.
Creating a sustainability plan would require your organization to document your old electronics' process flow. This plan would include having documented evidence of where products are refurbished for reuse or destroyed for commodity recovery. Whether you are a manufacturer, a cable provider, or a fortune 500 company, using a R2 certified vendor such as Adams Cable Equipment will allow you to follow the complete process flow of your old electronics all the way to the end. In addition, here at Adams Cable, we are even able to provide a sustainability report to show the impact of your organization’s electronic recycling activities carbon footprint.
Have 2021 be the year your organization decides to take control and truly understand the impact their discarded electronics can have on the world.
February 2, 2021
Save Yourself the Headache: Use an Authorized Arris Refurbisher
Imagine, a consumer sitting at home, trying to do their work online, when suddenly, they have no access to the internet. They try all the of tricks they have learned over the years by unplugging their router and modem, restarting their computer, and even waiting 30 minutes to see if the problem fixes itself. But to no avail, they still do not have internet service and they have a zoom meeting with their boss in
Now imagine this happening to thousands of consumers, on the same day. Can you imagine the chaos it would create for the cable provider? The number of incoming calls to customer service and technical support would be staggering! And worse yet, the number of lost customers a system could potentially see would be devastating to the bottom line.
The reality is that come May 2021, this is exactly how things could play out if Cable Systems are using Arris and Motorola legacy product from a non-authorized refurbisher or distributor. You see, legacy Arris and Motorola DOCSIS 3.0 modems will begin going out-of-service in May 2021 unless action is taken to load renewed CableLabs issued DOCSIS Manufacturers CA certificates prior to that date. Without this action, modems with the expired certificates, simply will not be able to come on-line and will become effectively nonoperational.
Using an authorized Refurbisher of Arris and Motorola product, such as Adams Cable Equipment, allows the refurbisher to legally download the updated firmware and renewed Manufacturers CA certificates to the DOCSIS 3.0 modems to keep them fully functional. Firmware updates of renewed DOCSIS is subject to licensing and there lies the risk of using a non-authorized refurbisher.
A non-authorized refurbisher are simply not licensed to upgrade the firmware.
Now more than ever, purchasing product, or having clean and screen services performed, needs to be from an authorized Arris / Motorola refurbisher. The consequences of the alternative are real…do not let it happen to you this May.
January 26, 2021
Due Diligence & Data Security
Today, every business has to deal with protecting their sensitive data. Whether organizations are protecting themselves from hackers online or their own recently decommissioned IT hardware, data threat is a growing risk. Most companies have cybersecurity practices in place, but an alarming number of organizations do not have a plan to deal with their decommissioned computers. Having a data security strategy covering both digital (cyber) and physical (decommissioned IT hardware) theft is critical to any organization’s risk
Data privacy laws continue to grow stricter, as illustrated by over a dozen new privacy and security laws that have been enacted over the past few months by both state and federal agencies. The absence of a data security plan could lead to more significant risks and increased fines in the event of a data breach. One of these new regulations is an Amendment to the HITECH Act.
The HITECH Act Amendment offers new incentives to reduce fines and other remedies in the event of a data breach. While the amendment does not include specific language, it does make clear the incentives for covered entities having “certain recognized security practices.” Section 13412(b) of the act defines the term “recognized security practices” as the “standards, guidelines, best practices, methodologies, procedures, and processes developed” under section 2(c)(15) of the National Institute of Standards and Technology (NIST) Act.
Adams Cable Equipment is a R2 certified facility and can help companies meet “certain recognized security practices” regardless of the industry an organization is in. The R2 Standard requires a certified facility, such as Adams Cable Equipment, to meet NIST requirements for data destruction. The R2 certified facility must maintain documented data destruction procedures and maintain records for a specified period of time. An independent third-party auditor then audits these procedures and records yearly to ensure the facility meets R2 and NIST guidelines.
Laws, such as the HITECH Amendment, protect organizations by merely having them able to demonstrate, to some unspecified degree, the existence of recognized security practices. One form of a security practice would be to utilize an R2 certified vendor, such as Adams Cable Equipment, to manage their unneeded electronics. This would allow the organization to show the federal authorities that they were using a vetted and certified company establishing a form of “security practices.” Using a non-certified vendor for your old IT hardware is simply not worth the risk.
December 14, 2020
The Word "E-Waste" – Overused & Inaccurate
I have been in the ITAD industry for over 20 years, and my single biggest pet peeve is the use of the word “e-waste” to describe decommissioned IT hardware and other unneeded or unwanted electronics. Unfortunately, the term has become so synonymous within the electronics recycling industry, that several companies even place the word in their name.
And it is wrong.
Waste is defined as “material that is not wanted; the unusable remains or byproducts of something.” The last time I checked, that is NOT an accurate description of electronics. Can someone explain to me why this term is still so common?
Electronics simply is not “ewaste”. Whether they are whole units or parted out, many electronics can be refurbished and reused. Reuse is the best form of recycling and is by far the best way to extend a product’s lifespan. Electronics are so easily and often replaced that always buying new, and discarding the old, is not a sustainable practice and certainly not in the best interest of our planet or economy.
Nearly all the materials that make up end-of-life electronics can be recycled safely. Commodities that can be recovered from electronics include gold, silver, copper, lithium, palladium, aluminum, steel, mercury, and plastic, just to name a few.
There is enough demand for both refurbished electronics and recycled commodities to make a sound economic case for the value of so-called e-waste. Using recycled materials reduces the production cost of new goods, lowers C02 emissions and puts less strain on the planet’s natural resources, compared to sourcing virgin material.
It’s simple: Electronics that are being reused on the secondary market or properly recycled for their commodities are not going to waste! The only true “e-waste” are the electronics that are still ending up landfills or e-waste “graveyards” around the world because of irresponsible and often illegal handling of those electronics. No one benefits from the space they take up or the pollution they cause when they are left to decompose – a process that can take thousands of years.
Refurbishing, reusing, and recovering precious commodities are the opposite of wasteful. Any recycling company that treats old hardware as simply “waste” or call it “ewaste” should raise flags for anyone looking to retire their assets.
Your image and brand are too valuable to risk.
October 12, 2020
5 Tips for Verifying Secure Destruction
I am often asked, "How can a company verify with confidence that their product sent for secure destruction was actually destroyed?"
In lieu of Apple's lawsuit announcement against a third party vendor for selling product that was supposed to be destroyed, I thought it would be necessary to delve into this incredibly important topic. (See article below for full story)
So, why would a business demand secure destruction of their product? The most common reason is that said company is extremely concerned with data security and has decided to destroy their data-containing devices to eliminate their risk. Obsolete R&D and proprietary devices are some other categories that could pose a threat to an organization if not properly destroyed. On the other hand, there are also types of risk more closely related to sales. A company may have excess inventories of new product that they would rather destroy and recycle than have them resold on the open market. This way, they won't be competing against their own products in the marketplace. Lastly, we have seen unsafe products make their way back into the market after the manufacturer contracted with a vendor intending to have them destroyed, ultimately putting the public at risk.
Unfortunately, companies are often misled by their downstream vendors only to find their products deemed for destruction, not destroyed. Shocker, right?! Over the course of my 20 years in the industry, I have seen time and time again, companies getting screwed.
So what steps can a company take to ensure proper destruction?
Use only a vendor that will not subcontract out the destruction services, and they themselves are a certified facility (R2, NAID, eStewards, ISO9001, etc.). Facility certifications require detailed written processes, documentation to verify that those processes are followed, and are required to maintain all records.
Require a signed certificate of destruction detailing the serial numbers of the devices destroyed.
Request pre and post-destruction photos or video footage of the product being destroyed.
Have the vendor verify a mass balance by measuring the weight of product going into the shredder versus the weight of the commodities coming out (plastic, steel, circuit boards, aluminum, etc.).
Witness the destruction first-hand, or send an independent third-party witness to observe and document destruction.
September 18, 2020
Data Security & HIPAA
As healthcare networks across the country have allowed employees to work from home, it is essential to remember this equipment needs to be handled appropriately as people come back to work. We at ACE understand the risks and returns this equipment can provide to an entity.
45 CFR 164.310(d)(2)(i) and (ii) covers the disposal of electronic equipment, which requires policies and procedures to be developed and implemented to address the final disposition of ePHI (Electronic Protected Health Information), and the media on which it is stored. ePHI must be removed from electronic devices before they are re-used, scrapped, or recycled.
Prior to disposing of electronic media, all ePHI on the devices must be rendered unreadable, indecipherable, and incapable of being reconstructed. OCR suggests clearing (using software or hardware products to overwrite media with non-sensitive data) or purging (physical destruction) the information from the electronic media.
If a covered entity is unable to perform these actions, a vendor can be used. That vendor would naturally be a business associate, and a HIPAA-compliant business associate agreement would need to be signed by both parties before any devices are handed over.
The failure to remove ePHI prior to disposal is a violation of HIPAA Rules, and one that could potentially result in an impermissible disclosure of protected health information. It could also lead to a financial penalty for noncompliance with HIPAA Rules.