SEM Archives - Page 2 of 6

Just How Secure Are Casinos?

June 10, 2022 at 4:46 pm by Amanda Canale

Even in the midst of a worldwide pandemic, the commercial gambling and casino industry made approximately $44 billion in 2021, surpassing the previous record set in 2019. According to the American Gaming Association (AGA), in-person slots and table games are leading the industry’s recent growth. Given the exponential growth, and (quite literally) billions of dollars on the line, experts predict that the casino industry will be a flaming red target for hackers and thieves.

You’re probably thinking, “what information is even stored on casino chips, playing cards, and dice?” Frankly, quite a lot.

Even more so, casino chips are not the only items that are loaded with information; the same goes for playing cards, dice, and personnel access cards. In this blog, we break down the varying security measures casinos take and how a proper destruction plan your casino can better protect your assets.

Radio-Frequency Identification (RFID)

Casino chips may seem like a cheap piece of plastic, but what many do not know is that these seemingly simple items carry loads of information and are packed with advanced technology. These chips are embedded with radio-frequency identification (RFID), which is used to track them and broadcast unique serial identifiers over radio frequencies. RFID technology identifies and tracks every chip for authenticity, tracking history, and to ensure there is no forgery, cheating, or stealing. Additionally, each casino carries uniquely branded chips, including color combinations, marked edges, and UV markings that are impossible to recreate. The RFID-reading technology also detects when counterfeit chips are being used.

While you cannot “hack into” casino chips, it’s still possible for people to steal them for money, especially since they are a form of currency within casinos. For example, in 2010, a man stole $1.5 million in chips from the Las Vegas Bellagio casino. However, due to the RFID technology within the chips, authorities were able to remotely render the chips worthless by turning off the chips’ transmitters before the robber could turn them in for cash.

License Plate Recognition

Like many secure facilities, casinos have security measures in place tracking you before you even have the chance to park your car. Once your car enters the camera’s frame, the license plate recognition technology scans your plates and converts them into text, which is then compared against the casino’s database. What are they looking for exactly? The software runs your license plate against their records to see if you are a known gambling addict, thief, or on their internal blacklist. This process is to ensure that no undesirable patrons are allowed into the facility.

Angel Eye

Like I stated earlier in this blog, chips are not the only casino materials that are loaded with information. Playing cards carry invisible bar codes that help sensors and security software, such as Angel Eye, track their movement, which ones are being dealt, and to prevent card-switching. The software was specifically designed to prevent card switching, which is prominent in other parts of the world.

When a dealer deals cards, the software tracks the dealt cards through a sensor in the dealing shoe (the container that houses the cards). After this first scan and once the cards are revealed on the table, the dealer presses a hidden button that scans the table and upward facing cards a second time. The Angel Eye software compares them to the initial scan to ensure that the results on the table matches what the computer says.

TableEye21

TableEye21 is a powerhouse of a security device; it is made up of varying technologies all wrapped into one concise solution. It includes an overhead video camera that tracks the table’s actions and players, includes video analysis software and information sent by the RFID chips, and overlays the video feed with real-time data tracking on cards and chips being used.

TableEye21 tracks every action on the table, including dealer rounds per hour, trend reports, and the player win percentage. Casino authorities use this information to identify if a player is counting cards, using counterfeit chips and cards, or scheming with the dealer in order to win.

NORA

NORA stands for Non-Obvious Relationship Awareness software, and it goes hand in hand with all of the security measures we discussed above. Whether a dealer notices something off about a player or the TableEye21 software picks up on odd numerical trends, NORA can be used to scan the casino’s databases for information and recognize relationships between players and dealers alike.

What relationships, you ask? Let me give you an example.

If casino personnel put Brian Jones into NORA, the software will scan all of the casino’s databases and be able to see that Mr. Jones, who applied for a dealer position, is actually Paul Johnson, a notorious poker scammer. In addition, it can connect people entered into NORA based on their similar backgrounds. So once NORA finds out that Brian Jones is really Paul Johnson, it also connects Paul to another player, Zachary Jost. From there, the software connects the dots and finds out that Paul and Zachary were fraternity brothers during their undergrad career and that they were both arrested for the same fraud case.

Another potential outcome is NORA discovering that the dealer and a player used to share the same address and phone number, possibly meaning that they are in on a scam together.

If that wasn’t impressive enough, we should probably mention that it was after 9/11 that the Department of Homeland Security began using the advanced software to help identify relationship links between potential terrorists and criminals.

This is not an exhaustive list by any means; there are many other security measures and advanced tracking technology that casinos use in order to maintain order and ensure honest playing. However, there is one more security method we’d like to discuss: the destruction of casino materials.

As of this writing, there are no federal laws concerning data protection that casinos have to abide by. However, casinos and gaming facilities are required to abide by their state’s safeguarding mandates and financial privacy regulations. In order to maintain the stringent policies set in place to prevent fraud and criminal activity, it is crucial for casinos to establish further security measures for the destruction and disposal of these technology-ridden materials.

In the past, casinos have thrown their chips and cards out with the trash, some even building them into the foundations of casinos out of superstition. But in recent years, casinos have been required to destroy their chips and cards according to predetermined expiration dates. Typically, the expired materials are sent out to a third party destruction facility where they are often dumped into landfills or left vulnerable to thievery by the third party vendors.

At SEM, we offer a better alternative: secure, in-house destruction. With our low and high volume disintegrator solutions, dice, chips, and playing cards can be easily destroyed to a predetermined and consistent particle size. As we know, casinos house a lot of sensitive information regarding personnel, patrons, financial information, and advanced technology that should be secured, even in end-of-life.

One solution is the SEM Model DS-400, a dual stage turnkey disintegrator that has been evaluated by NSA and meets the requirements of NSA/CSS specification for Paper Disintegrators, CDs, and Key Tape. This compact and portable device is perfect for the destruction of paper, optical media, key tape, casino chips, metal and plastic cards, and more.

Need something with a higher volume? We suggest a SEM VKE Disintegrator system. Our VKE (value kit enclosure) disintegrator systems include your choice of disintegrator, air system, state-of-the-art technologies and features like a customized MX sound enclosure to reduce sound and dust during operation, a solid steel rotor designed to provide 70% more rotor mass than open rotor designs, and user-friendly master control panel.

Depending on the needs of the casino, SEM has every device necessary to properly and efficiently disintegrate chips as intended since our inception in 1967. Any one of our exceptional sales team members are more than happy to help answer any questions you may have and help determine which machine will best meet your destruction needs.

For more information on our casino solutions, visit our website here.

Top 4 Ways to Outsmart a Phishing Scam

March 21, 2022 at 6:37 pm by Amanda Canale

Do you have what it takes to outsmart a phishing scam? Let’s find out!

First, a bit about phishing: for those that may not be familiar with phishing, phishing is a phrase used to describe a cyberattack method via email. An email is sent to an individual with the intention of hacking into the recipients’ email, computer, or network.

Typically, the phishing email will ask the recipient to perform some form of task, whether it is to open an attachment, click on a link, send gift card codes, or send along sensitive information. These links and attachments will be malware-infected and allow the hackers to gain access to your computer, network, and more, and can have detrimental consequences.

It is important to note that phishing is not a new cyberattack tactic. Phishing has been one of the most common attack methods and has only become increasingly more complex the further we get into the Digital Age. That said, upgrading your cybersecurity software and educating your staff how to spot and report phishing emails are just two ways to better protect you and your organization’s data. And speaking of educating your staff, read on to learn the top four ways you and your team can spot a phishing email.

Red Flag #1: An Urgent Request for Login Information, Sensitive Information, or Money

Today, it is increasingly easy to get in touch with one another; there’s the telephone, text message, FaceTime, Microsoft Teams chat, Zoom call, calendar invite, and more. It’s safe to say that if your supervisor (or any member of upper management) needs to speak with you on an urgent matter, they’re going to find a way to contact you directly. If an email allegedly coming from your boss or CEO is threatening negative consequences, or even termination, if you do not complete their task, it’s probably a phish. This is a type of scare tactic used to rush the recipient into getting their request completed as soon as possible.

In addition (and it should be common sense), if your boss needs you to send her login information or sensitive information, take a moment and ask yourself, “if this person were really your boss, wouldn’t she have her own access to that information and logins, especially if she is in upper management?” We’re not saying you should ignore every request for information from upper management, but if the request seems a little fishy (pun intended), take a moment to give the sender a quick call or follow up with them in a separate email (using the email address you know belongs to them) to confirm their request.

The same should go for any request for money or gift card activation codes. A colleague, regardless of title and status, should not be requesting monetary items from you via work emails. This is usually a clear sign of a phish and like we suggested above, take a moment to follow up with that person in real time to confirm their request.

Red Flag #2: Misspelled Name and/or Email Address (When Impersonating Someone You Know)

Now, these attempts don’t come from just any John Doe; hackers do their research to make sure the “sender” looks like it is quite literally coming from your supervisor, company president, client, or…pretty much anyone you know based on social platforms and public company directories.

That being said, it’s now time to break out your magnifying glass and bifocals because we’re moving on to proofreading the urgent request with a fine-tooth comb. Some phishers are lazy so it may be fairly easy to spot a phish simply by doing an in-depth evaluation at the spelling of the sender’s email address (and even the spelling of anyone’s names that are mentioned).

Since it is not possible for two email accounts to exist under the same domain, hackers have to get creative with the spelling of email addresses when impersonating someone. A quick scan may miss the typos and misspellings so it’s best to take the extra few seconds to make sure the sender is using the correct domain and spelling of their name. Also be on the lookout for the number 1 replacing an L or an I and other such crafty substitutions.

Red Flag #3: Bad Grammar and Overall Spelling Mistakes

Most of the time, phishing scams do not come from a particular person but rather a bot or a spell-check tool that doesn’t always translate well. Be on the lookout for major spelling and/or grammar mistakes, and this red flag will be an easy one to spot.

Red Flag #4: Illegitimate Links

Whatever you do, do not click the blue link!

One tricky way phishers hook their victims is by using illegitimate links. One can avoid activating any malware-infested links by simply hovering their cursor over the link for a second or two to see a preview of the URL. If the preview is anything different than what the link says it’s supposed to be, then report it to your IT manager for a more in-depth evaluation.

To summarize, sometimes all it takes is a few extra seconds to carefully read over requests (and maybe a “better to be safe than sorry” forward to your IT department) to spot a phish. As a final note, we want to stress that it takes more than a simple spellcheck to keep you and your organization’s information secure. Upgrade your security software, implement two-step verification logins, train your employees, and collaborate with your IT department to find other security methods you can take.

Security Engineered Machinery Gives Back to Veteran Family with Operation Playhouse

March 7, 2022 at 7:25 pm by Amanda Canale

WESTBOROUGH, MA, February 23, 2022 – Security Engineered Machinery Co., Inc. (SEM), global leader in high security information end-of-life solutions, once again partnered with Metrowest Habitat for Humanity for Operation Playhouse. The operation allows the opportunity for local Worcester County businesses to partner with veteran and military families to build and donate a playhouse to the family’s children. Each year, participating local businesses receive construction plans, paint, and a deconstructed house to build, and are given free rein to decorate the playhouses based on the children’s interests.

The SEM team decorated the playhouse for U.S. Army veteran Sgt. Christopher Cutliffe’s family. Sgt. Cutliffe served in the U.S. Army from 1998 to 2006 with a 2003 tour in Afghanistan during Operation Enduring Freedom.

“SEM was founded by a Korean War veteran in 1967, and ever since then we have worked very closely with all branches of the military and intelligence community, so any opportunity we have to give back, we take it,” said Andrew Kelleher, SEM President. “This cause has always been so close to our hearts, and it is always an absolute honor to come together and give back to a family that has given so much to our country.”

SEM Marketing Assistant, Amanda Canale, and Customer Care Representative, Cindy Haskell, painting the playhouse’s window frames.

SEM Director of Marketing, Heidi White (left), and Marketing Assistant, Amanda Canale (right) intertwining ivy garland into the playhouse’s porch.

The SEM team took full creative control with Operation Playhouse 2022 and produced a jungle-themed playhouse for the Cutliffe family’s two small children. The playhouse, painted dark green, is adorned with bamboo, greenery, jungle-themed activity books and toys, a removable front porch with gate, and even a rope swing with jungle vines.

“Every year, we try to take creative liberty and produce a truly unique and special playhouse,” said Amanda Canale, SEM Marketing Assistant. “Our team really outdid themselves with this year’s concept. It’s by far the most creative we have been and it was incredibly heartwarming to see it received so lovingly by the Cutliffe family.”

Members of the SEM Sales, Engineering, and Service teams working together to construct the playhouse’s roof.

SEM Director of Marketing, Heidi White, presenting Sgt. Christopher Cutliffe and his family with a certificate and the playhouse.

This is SEM’s fourth year taking part in Operation Playhouse and certainly won’t be the last. “Operation Playhouse has become a tradition here at SEM and we are eagerly awaiting next year’s opportunity,” added Kelleher.

Watch a recap of the day in the video below.

About Habitat For Humanity

Habitat for Humanity is a global nonprofit housing organization working in local communities across all 50 states in the U.S. and in approximately 70 countries. Habitat’s vision is of a world where everyone has a decent place to live.

Shredding Security Levels

January 20, 2022 at 8:17 pm by Amanda Canale

When it comes to the destruction of end-of-life media in the US market, there are very strict guidelines and laws that address how classified, top secret, and controlled unclassified information (CUI) should be disposed and securely destroyed, determined by the National Security Agency (NSA) and the National Institute of Standards and Technology (NIST). For example, the NSA mandates specific particle sizes for top secret and/or classified data that resides on all forms of media, and evaluates and lists end-of-life information destruction solutions for this purpose. For a list of media destructions solutions evaluated and listed by the NSA, click here.

However, most other guidelines and laws that apply to other types of government and commercial information do not provide specific destruction particle sizes to insure the most effective solution. Most simply indicate that media should be destroyed with the use of a shredder or other destruction solution. In industries like healthcare, finance, banking, education, and more, the importance of the proper disposal of end-of life media is better defined; however, the particle size specifics tend to be left open to interpretation.

DIN Standards, otherwise known as Deutsches Institut für Normung, originated at the German Institute for Standardization, a non-government organization that serves as the national standard when it comes to improving the rationalization, safety, environmental protection, and quality assurance between the government and the public. While often not mandated, DIN guidelines serve as a widely accepted global standard that also provides clarity to vague end-of-life information destruction requirements.

Enter DIN 66399. These standards provide destruction particle size guidelines for information that resides on a wide range of media and that specifies protection categories.

Q: What is the DIN Standard 66399?

A: DIN 66399 has become a globally accepted security standard for the shredding or destruction of all types of data media.

Q: Who is it for?

A: Sets out responsibilities regarding the protective security required for commercial organizations, government departments, and individuals to help make an informed choice of the correct equipment to guarantee all levels of secure destruction.

Introducing the Three Protection Categories

Class 1: for the normal protection required for internal data where disclosure would have a negative impact on a company or a risk of identity theft of an individual.

Class 2: for the higher protection of confidential data where disclosure would have a considerably negative effect or could breach legal obligations of a company; or offer a risk of adverse social or financial standing of an individual.

Class 3: for very high protection for confidential and top secret data which if disclosed could have terminal consequences for a company or government entity, and have a health and safety or personal freedom risk to individuals.

However, at the end of the day these regulations and protection categories are guidelines. Businesses and organizations should always err on the side of caution when it comes to the destruction of end-of-life data. It’s important to remember that a data breach is a data breach no matter the level of impact…and no matter when it takes place. There are no statute of limitations when it comes to compromised data: just because the information wasn’t misused then, doesn’t mean it won’t happen in the future. Therefore it is always best practice to adhere to the above regulations when it comes to your data destruction.

Six Media Categories

The DIN Association also defines six media format categories on where information may reside. They are as follows:

P: Paper based products
F: Film based products including micro-film, microfiche, slides, etc.
O: Optical media including CDs, DVDs, and Blu-ray Disks
T: Magnetic data media like floppy discs, ID cards, magnetic tapes and cassettes, etc.
H: Hard drives from computers, laptops, and external devices
E: Electronic data media like memory sticks, cards, solid state drives, mobile phones

Seven Specific Security Levels

Example: P = Paper media requirements

Protection Category	Media Paper	Security Level	Security Level Particle Size Requirement
Class 1	P	1	12mm strips or maximum particle surface area of 2,000mm²
Class 1	P	2	6mm strips or maximum particle surface area of 800mm²
Class 1	P	3	2mm strips or maximum particle surface area of 320mm²
Class 2	P	4	Maximum cross-cut particle surface area of 160mm² with a maximum strip width of 6mm = 6 x 25mm
Class 2	P	5	Maximum cross-cut particle surface area of 30mm² with a maximum strip width of 2mm = 2 x 15mm
Class 3	P	6	Maximum cross-cut particle surface area of 10mm² with a maximum strip width of 1mm = 1 x 10mm
Class 3	P	7	Maximum cross-cut particle surface area of 5mm² with a maximum strip width of 1mm = 1 x 5mm

Maximum Shred Size for Other Media

Class	Film	Max	Optical	Max	Tape	Max	Magnetic	Max	Electronic	Max
Class 1	F-1	160mm²	O-1	2000mm²	T-1	Inoperable	H-1	Inoperable	E-1	Inoperable
	F-2	30mm²	O-2	800mm²	T-2	Split	H-2	Damaged	E-2	Split
	F-3	10mm²	0-3	160mm²	T-3	2000mm²	H-3	Deformed	E-3	160mm²
Class 2	F-4	2.5mm²	0-4	30mm²	T-4	320mm²	H-4	2000mm²	E-4	30mm²
Class 2	F-5	1mm²	0-5	10mm²	T-5	160mm²	H-5	320mm²	E-5	10mm²
Class 3	F-6	0.5mm²	O-6	5mm²	T-6	10mm²	H-6	160mm²	E-6	1mm²
Class 3	F-7	0.2mm²	O-7	0.2mm²	T-7	2.5mm²	H-7	10mm²	E-7	0.5mm²

Q: How does SEM meet these requirements?

A: As a supplier of information destruction systems for the past 50 years, SEM is a leader in providing solutions to meet all destruction levels outlined in the DIN 66399 guidelines. From machines that can shred paper and optical disks to hard drives and data tapes (and more!), SEM has the answer.

Data Privacy Day 2022

January 18, 2022 at 1:59 pm by Amanda Canale

Every year on 28 January, the National Cybersecurity Alliance (NCA) creates an informative and engaging social media campaign in an effort to bring awareness to the general public about data security and protection best practices. The international campaign is called Data Privacy Day (DPD), and heavily encourages people to comply with privacy laws and regulations, but also serves to educate people on how to protect and manage their personally identifiable information (PII).

Even in the age of Big Media, millions of people are unaware of the various ways their PII is being used, collected, shared, and even sold. The annual campaign is targeted towards anyone with any sort of online presence. This internationally recognized day was initially established in 2008 in North America as an extension of Data Protection Day in Europe, which has been in effect since 1981. It is the first legally binding international treaty to recognize data privacy concerns.

In 2022, the NCA has expanded Data Privacy Day into a week-long initiative called Data Privacy Week. The week, lasting from 24-28 January, is filled with various steps, goals, and webinars individuals and organizations alike can make and attend as a way of encouraging transparency about how their customer data is being used.

You can find a full list of Data Privacy Week events here on the NCA’s website. Below, we break down the major takeaways both individuals and organizations should take from the week-long event.

Individual Level: Keep It Private

When it comes to keeping our PII and personal health information (PHI) safe, it is crucial that we follow data security and privacy best practices as that information is extremely valuable to hackers and thieves. Certain information such as your IP address, purchase history, and location can offer hackers a wealth of knowledge as to your income, spending habits, card information, and where you live. Remember, identity theft is not a joke!

If it helps to understand the criticality of keeping your information safe, imagine each piece of identifying information (whether it be your IP address or your credit card statements) as having a monetary value. According to the IBM and Ponemon Institute report, the cost of an average data breach in 2020 is approximately $3.86 million. While most of these costs are from business reputation maintenance and regulatory fines, the costs can still add up when it’s your PII on the line. (Read more in our blog here.) You wouldn’t willingly give up money from your personal wallet, so be sure not to do the same with your information.

NSC Recommended Steps to Take:

Understand the privacy/convenience tradeoff

Today, before you can even use most apps, they will ask you for access to personal information ranging from geographic location to contacts and photo albums. By allowing access to these very personal and private forms of information, you may be offering up much more than necessary. For example, why does a mindless gaming app need access to my contacts and location in order for me to play? It is best to make informed decisions on what you should do: weigh whether or not the information they are asking for is really necessary, how the benefits weigh against the tradeoff, and if you really need the app at all.

Manage your privacy

Once you deem an app worthy of your time and phone storage, take an extra moment or two to review the app’s privacy and security settings, and adjust them to your comfort level as necessary. You can use the NCA’s Manage Your Privacy Settings page as a guideline on how you can check your favorite app’s settings.

Protect your data

While data privacy and data security are not interchangeable, they are in fact a packaged deal. Use best practices such as creating long and intricate passwords, utilizing multi-factor authentication when possible, and using a password manager to keep your passwords secure and up to date.

Organization Level: Respect Privacy

According to a recent Pew Research Center study, approximately 79% of adults in the US are concerned about how companies use their personal data. As an organization, the privacy of your consumers’ and customers’ data should be your utmost concern. By respecting their data and being transparent, an organization instills trust which will in turn enhance reputations and company growth.

NSC Recommended Steps to Take:

Conduct an assessment

Regardless of if your company operates locally, nationally, or globally, it is important to understand the privacy laws and regulations of the area in which your business operates and to ensure they are being followed. In addition, evaluate your security measures, access to individuals’ personal information, and screen any outside partners and vendors as well to ensure they are not misusing your consumers’ information.

Adopt a privacy framework

Find a privacy framework that works best for you, your organization, and your consumers to help mitigate potential risk and implement a privacy culture within your organization. The NCA recommends reviewing the following frameworks to start: NIST Privacy Framework, AICPA Privacy Management Framework, and ISO/IEC 27701 – International Standard for Privacy Information Management.

Educate employees

By creating an office culture surrounded by data privacy and data security, you are educating your employees on not only how to keep their personal information safe but how to better serve your consumers and their information. Engage staff by asking them how they view your current privacy culture, implement mandatory training and webinars, and consistently assess your current standards.

In addition to these methods, transparency about how your collect, use, and share consumer information is crucial. Be up front and honest with your clients, users, or consumers about what they can expect their information to be used for and offer them other settings to protect their information by default.

And lastly, when your information-bearing media reaches end-of-life — whether hard drives, portable IT storage, or even paper — securely destroy it to prevent leaks and data breaches down the road.

How to — and How to NOT — Destroy SSDs at End-of-Life

November 24, 2021 at 4:01 pm by Amanda Canale

Since the first days of chat message boards and social media profiles, we’ve all heard the saying, “don’t put all of your information online because it never truly goes away.” The same can be said for end-of-life data and information on solid state drives (SSDs): once information is on there, it’s next to impossible to fully remove. Aside from implementing a secure, in-house destruction plan, there are numerous methods we do not recommend using. Let’s break some of those down.

Degaussing

A major misconception when it comes to data destruction is that destruction methods for hard disk drives (HDDs) and solid state drives (SSDs) are interchangeable. We hate to burst your bubble but…that’s false! Degaussing is simply not an option for the destruction of end-of-life data on SSDs. Solid state drives and optical media do not require it as part of the destruction process because they do not have an inner magnetic, rotational platter that can be scrambled like HDDs do.

However, crushing and/or shredding is recommended. Since SSDs can store vast amounts of information on such small chips, even tiny, intact fragments can hold a plethora of sensitive or private data. This means that every single SSD chip must be properly destroyed and done so in a machine specifically designed to destroy solid state media and produce particles small enough to ensure that no data can be retrieved.

Recycling and/or Throwing Away

While we always support taking the greener route, trying to recycle your end-of-life drives cannot be done securely and is not recommended. Unfortunately, the majority of our waste and recycling ends up in landfills and dumpsters which are literal gold mines for hackers and thieves.

In addition, it is often reported that on average, recyclables and waste sit on sorting floors for up to four weeks before finally being destroyed. To top it off, recycling and waste is hardly ever transported securely, making it easy for people to intercept and have access to your most sensitive information, putting yourself at even more risk of a possible breach.

Deleting and/or Overwriting

While methods such as cryptographic erasure and data erasure would allow the drive to be used again, it is not a secure and foolproof destruction. Information, whether encrypted or unencrypted, can still linger behind on the drive and be accessed, even if it has previously been deleted or overwritten.

ITAD

ITADs, or information technology asset disposition companies, are third-party vendors that sanitize and destroy end-of-life data and drives. While the appeal of these types of companies can be quite attractive, we at SEM do not recommend utilizing these types of companies when disposing of your end-of-life data. While there are some reputable ITAD and data sanitization companies out there, the risk may not be worth the convenience. Security risks can be unpredictable and potentially catastrophic as it can be far too easy for ITAD vendors to misuse, mishandle, and misplace drives when in transportation, destruction, or disposal. It has also been reported that some vendors sell end-of-life devices and their sensitive information to online third parties.

Other (Un)Worthy Methods

Running over SSDs with your car
Roasting your SSDs over a fire
Giving your SSDs a swimming lesson
Physical destruction with a blunt object

By physically destroying SSDs with an appropriate shredder or disintegrator, companies are choosing the most secure method of data destruction as this is the only way to be certain that the end-of-life data has been properly destroyed. SEM SSD crushers are ideal for lower volume data center destruction of solid state media, while our shredders are recommended for higher volume destruction. SEM SSD disintegrators provide the most complete chip destruction and the highest level of security, destroying SSDs and chips to the NSA’s mandated 2mm final particle.

Security Engineered Machinery Gives Back to Worcester County Food Bank

November 23, 2021 at 3:48 pm by Amanda Canale

Security Engineered Machinery Co., Inc. (SEM) and Merchants Fabrication, Inc. recently rallied together to donate a staggering 628 lbs. of non-perishable food to the Worcester County Food Bank (WCFB).

The Worcester County Food Bank is one of only three Feeding America member food banks in the entire state of Massachusetts. In 2018 alone, the WCFB was able to distribute nearly 6.1 million lbs. of food to approximately 75,000 people throughout the county.

SEM Accounts Receivable Coordinator, Steve Watson, posing with a full car load of donations.

Every year, and especially during the current pandemic, SEM has been committed to WCFB’s mission of helping to serve and feed our fellow neighbors. It’s one of a handful of various philanthropic opportunities the entire company looks forward to every year.

“Whether it’s the Habitat for Humanity Operation Playhouse, the November food drive, or our Toys for Tots drive in the winter, everyone comes together to help our fellow neighbors in need,” says Kristin Olson, SEM Materials Supervisor. “It’s one of my favorite parts about being on the SEM team.”

SEM Director of Marketing, Heidi White, posing with the final food donation weight total.

In just over four years, SEM has been able to increase their annual donation from 151 lbs. to now 628 lbs. with the same staff headcount.

“Every year, without fail, we have been able to donate more and more,” says Heidi White, SEM Director of Marketing. “We are honored to give back to our community and are already looking forward to our next opportunity.”

What You Need to Know About Cybersecurity Awareness Month

October 15, 2021 at 3:15 pm by Amanda Canale

In 2004, the National Cyber Security Alliance (NCSA) and the US Department of Homeland Security launched Cybersecurity Awareness Month in an effort to heavily encourage, educate, and assist citizens in staying safe online and how to protect their information. In addition to this annual month-long campaign, the NCSA also runs a campaign every January 28 called Data Privacy Day (but that’s a story for a different blog).

Every year in October, the NCSA creates an engaging and informative campaign in order to raise awareness about cybersecurity. This year’s theme is “Do Your Part. #BeCyberSmart” and has a subsequent theme for each week during the month of October.

Week 1 – Be Cyber Smart

Knowing the basics of cybersecurity by creating strong passwords, multi-factor authentication methods, secure data backup options, and keeping up to date with software updates are only going to further protect you from cyberattacks. Some of these basic “cyber life skills” also include knowing the proper destruction method your data requires, how to properly destroy paper documents and hard drives, and memorizing record retention schedules.

Unfortunately, even knowing the basics won’t always be enough to prevent ourselves from getting in our own way. One of our blogs details the top five human error blind spots and offers other helpful basic tips to help you and your team become more #CyberSmart.

Week 2 – Fight the Phish

We’re all humans and we all make mistakes. It’s inevitable! However, not all are without consequences. According to a 2019 study, more than 80% of reported data security incidents were caused by phishing attacks. By interacting with suspicious email links, attachments, and senders, your risk of falling victim of a phishing scam rises. In today’s modern age, hackers and thieves have become even more creative when it comes to these kinds of scams. If an email or email address looks a bit off to you, it’s always best to either ignore or send to your IT department to investigate.

Week 3 – Explore. Experience. Share.

This week is led by the National Initiative for Cybersecurity Education (NICE), an organization dedicated to promoting careers in the cybersecurity industry. Their messaging ranges from showcasing resources and programs (especially to encourage participation in more marginalized groups) to highlighting the demand for jobs in this field. According to their website, the Department of Labor predicts that IT and cybersecurity jobs will “be among the fastest growing and best paying jobs over the next decade.”

Week 4 – Cybersecurity First

Regardless of the kind of business or organization, having proper cybersecurity protocols and methods in place (in addition to proper in-house end-of-life data destruction!) should always be a priority. This final week of Cybersecurity Awareness Month is dedicated to educating individuals on making cybersecurity a top priority and not an afterthought. Data breaches are, unfortunately, no longer a possibility of “if” but “when.”

IBM and Ponemon Institute reported that the cost of an average data breach in 2020 was approximately $3.86 million, a staggering 10% rise over the past five years. These costs can range anywhere from money lost and reputation maintenance to regulatory fines and ransomware, not to mention other direct and indirect costs. When comparing the cost of one of SEM’s Model 0101 at $5,066 (and an average lifespan of ten years) to a possible data breach resulting in millions of dollars, the right answer should be simple: by purchasing in-house end-of-life data destruction equipment, your company is making the most cost-effective, safest, and securest decision. The NCSA and everyone at SEM understand that some companies may want to cut corners and save costs; however, we strongly agree that cybersecurity should come first and foremost, and that it is worth every penny in the long run.

To find out more about Cybersecurity Awareness Month, visit their website here.

Security Engineered Machinery Gives Back to America’s VetDogs

October 7, 2021 at 7:21 pm by Amanda Canale

Security Engineered Machinery Co., Inc. (SEM), global leader in high security information end-of-life solutions, take teamwork, philanthropy — and dogs! — very seriously. Due to the company-wide love for these four-legged friends and utmost appreciation for those in the military, SEM employees banded together to select America’s VetDogs as their next charity opportunity.

The entire SEM and Merchants Fabrication, Inc. team spent the last two weeks of September rallying together to raise funds for America’s VetDogs, a 501©3 charity whose mission is to provide renewed independence to US Veterans, active-duty members, and first responders with disabilities. The dogs are trained and placed by the organization at no cost to the individual.

Together, SEM and MFI were able to donate $1,450 to the organization.

“Our company was founded by a veteran, and we work very closely with all branches of the military,” says Andrew Kelleher, SEM President. “And if you know anyone at SEM, you know that it is no secret that we love dogs here. This charity opportunity was a fun, inclusive, and unique way to honor and help those that have given so much to our country.”

To make things even more exciting, SEM team banded together to create a raffle to drive fundraising stakes. The raffle, by which employees “purchased” tickets through making donations to VetDogs, included such items as a dog gift basket, Bruins tickets, restaurant gift cards, and more.

“Everyone here loves a good competition so we decided to partner with SEM’s management team to create gift baskets that we could raffle off as a way to help drive more money to this great cause,” says Amanda Canale, Marketing Assistant. “And it worked! People were very engaged and we were able to donate a substantial amount to this great cause.”

To learn more about America’s VetDogs, visit www.vetdogs.org.

SEM Introduces New Line of Shredders for Commercial Data Center Market

September 1, 2021 at 9:00 am by Amanda Canale

Security Engineered Machinery Co., Inc. (SEM), global leader in high security information end-of-life solutions, is pleased to introduce a new line of hard drive and solid state shredder models: the SEM Model DC-S1-3 Series. This unique series of devices are specifically designed for the destruction of enterprise rotational hard drives and solid state media, such as those found in data centers.

Designed at SEM’s Westborough, MA headquarters, the DC-S1-3 Series includes three models: the DC-S1-3 HDD for rotational hard drives, DC-S1-3 SSD for solid state drives, and DC-S1-3 HDD/SSD Combo for HDDs and SSDs. All are made in the USA and TAA compliant.

“The DC-S1-3 series is an exciting new addition to our already extensive line of data destruction devices that was designed as a result of feedback gathered over the years from our data center clients,” commented Nicholas Cakounes, SEM CTO. “In addition to robust health and safety features, the DC-S1-3 incorporates very high torque and solid steel cutting heads to easily destroy the toughest, most dense hard drives and devices.”

The S1-3 series of devices are designed with a 3HP motor, high torque, and 3-phase power, ensuring the machines’ longevity and consistency. The S1-3 HDD and SSD both come with a single feed opening while the S1-3 HDD/SSD combo unit includes two separate feed openings and cutting chambers, one for rotational, platter-based hard drives and the other for solid state hard drives and devices.

“Our new DC-S1-3 Series fills a gap for our data center clients when it comes to end-of-life hard drive destruction,” said Ben Figueroa, SEM Strategic Account Manager. “These devices not only offer consistent and efficient drive destruction, but also feature a compact footprint, which is so critical to our data center clients.”

In addition to rotational and solid state hard drives, the DC-S1-3 Series is ideal for the shredding of data tapes, cell phones, smartphones, optical media, memory sticks, thumb drives, PCBs, and other related electronic storage media.

For more information on the DC-S1-3 series, visit https://www.semshred.com/product/model-dc-s1-3-hdd-ssd/ and watch our YouTube video.

SEM Shred

Tag: SEM