Light at the end of the PoPI tunnel

The Information Regulator has been working hard on draft Protection of Personal Information (PoPI) Act regulations that will soon be tabled in parliament. The PoPI Act stipulates how companies may collect, handle, store and discard information, with heavy penalties for those that fail to comply. PoPI can only commence once the Information Regulator is operational and once the commencement date of the Act is announced, organisations will have 12 months to comply with the Act. Xperien CEO Wale Arewa says the PoPI commencement date could be before the end of the year. “Although the newly appointed team cannot commit to a definite date, they certainly seem to be hard at work conceptualising and thinking through the type of organisation they want to establish.” The Information Regulator has indicated that it would be undertaking a benchmarking exercise to look at other data protection laws in other countries. The team also stressed that they wanted to be transparent and accessible and welcomed engagement with industry sectors and other stakeholders. Furthermore, the Deputy Minister of Justice Honourable John Jeffries warned that with the POPIA commencement date looming, both public and private bodies should prepare to comply and that there was no reason to delay compliance efforts. Arewa says the newly appointed team is tasked with ensuring that personal information is protected and that the free flow of information is promoted. “There is already a perception that this team is the PoPI Regulator, but they are not. Their mission is to ensure that both the constitutionally guaranteed right of access to information and the right to privacy are equally protected and enjoyed.” The... read more

PoPI compliance: A top priority for 2017

Although the Protection of Personal Information Act (PoPI) isn’t effective yet, company executives will have to make it a priority for 2017. With the imminent appointment of the Information Regulator, companies urgently need to upgrade their information technology security systems ahead of the implementation of the Act. The Act regulates how companies handle, keep and secure personal information and was already signed into law three years ago. Xperien CEO Wale Arewa says PoPI gives everyone an additional year from the commencement date to comply with its requirements. “Even though they still have more than a year to make arrangements to comply after the commencement date, I strongly recommend they rather make it a priority.” “There are serious penalties, besides the possibility of prison terms and fines of up to R10-million, PoPI also allows individuals to institute civil claims. This means there is the possibility of further financial loss on top of any fine that may be imposed,” he adds. Arewa warns that the Act will also require IT Asset Disposal (ITAD) accreditation. “Business executives responsible for IT asset management also need to understand the principles of ITAD and they need to consider regulatory compliance and the protection of company information. They will soon face massive fines, civil claims and reputational damage if they fail to comply.” “They should be extremely cautious when appointing asset disposal service providers. It is important to check for accreditations like ISO9001, ISO14001 or even membership to a professional body like International Association of IT Asset Managers (IAITAM),” he says. IT Asset Managers should seek to understand how ITAD services providers add value to the... read more

Xperien raises awareness for children in road safety

Team Xperien Cycling joined more than 30 000 cyclists in the 20th edition of Joburg’s biggest cycling event, the Telkom 947 Cycle Challenge, to raise awareness for children in road safety. The Xperien team is an ambassador for Wheel Well, a non-profit organisation that focuses on safety for children. It is also the only not for profit organisation that focus exclusively on children in road safety. Team Xperien Cycling was established specifically to raise awareness for this non-profit organisation. The team and its supporters network at key cycling events to create exposure for sponsors in return for their contribution. Xperien CEO Wale Arewa says this year’s event was a phenomenal success. “Our aim was to entertain and accommodate our staff while raising awareness for Wheel Well, making sure that people take road safety for children seriously. Our team performed exceptionally well, we got 23 medals out of a possible 27.” Wheel Well’s Peggie Mars says this year the 947 Cycle Challenge was simply amazing. “We would not have been able to do it on this scale, were it not for the support of Xperien. They walk the talk, peddle for a purpose and they do this with passion as well as innovation. Our beautifully designed shirts stood out in the crowd, there were no mistaking for what they are peddling for – Children in Road Safety.” “Much of what we aim to achieve is to get people talking car seat and this Cycle Challenge achieved the goal. To top it all, Wheel Well received donations that will help us in our objective of putting every kid in every car... read more

Measuring the value of IT Asset Disposition

Most organisations have more idle IT assets than they need and very few know how many there are and where they are located. Implementing a mature IT Asset Disposition (ITAD) program will enable an organisation to reduce the number of surplus and idle IT assets and increase asset utilisation. IT Asset Managers should seek to understand how ITAD services providers add value to the process. An ITAD vendor that takes a proactive role can start as early as the planning process for asset acquisition, and continue through the product lifecycle and into asset disposition. As an advisor, the ITAD vendor can help make refurbishing decisions that preserve maximum resale value. By remarketing client’s IT assets through retail channels, the ITAD vendor specialising in asset value recovery helps clients make more money from IT asset disposition while fully meeting environmental and data security standards. Gartner says the adoption of a reuse program, as an integral part of IT Asset Disposition, should enable organisations to reuse of over 48 percent of all desktop equipment. However, it says many large organisations routinely fail to reuse more than 20 – 25 percent of their technology. Xperien CEO Wale Arewa says there many inherent risks associated with technology retirement. “Most IT asset managers would consider environmental compliance and data security at the beginning of the road. Additionally, asset managers need an objective metrics to measure and benchmark ITAD vendor performance. Establishing a few Key Performance Indicators (KPI) for one’s asset disposition program will enable continuous improvement in financial, risk mitigation and environmental terms, and allow one to hold the ITAD vendor accountable to a... read more

Good time to dispose of old IT equipment, Cash for faulty IT assets at end of lease.

Local IT Asset Disposal (ITAD) specialist Xperien has urged companies to dispose of their off-lease, redundant and faulty IT equipment in a safe and ecologically responsible manner. The influx of new technology creates a corresponding and often overlooked increase in decommissioned IT assets. As a result, outdated laptops, desktops, LCD’s, servers and other IT equipment tend to quietly pile up in storage. Xperien CEO Wale Arewa says these rapidly depreciating aged assets can pack a major financial punch. “This is a good time to schedule a year-end data destruction and asset disposal project and recover residual value form redundant IT equipment which could equate to around 10% of the original purchase price for assets around 5 years old.” “Do you have tapes or hard drives that are being released and need to be destroyed or do you have computers, laptops, servers and other IT equipment that you want to clear out before year end,” he asks. Companies should however be extremely cautious when appointing asset disposal service providers. It is important to check for accreditations like ISO9001, ISO14001 or even membership to a professional body like International Association of IT Asset Managers (IAITAM). He says very few companies offer ITAD as a core function and are able to provide a professional service. “It is important to remember that whilst you may appoint a service provider your liabilities are not transferrable.” There are about 50 operators in the industry offering ITAD services but they range from scrap metal dealers, printer repair and service companies to managers supplying after hour services and moonlighting to their companies. With the imminent appointment of... read more

Grace period for PoPI compliance nearly over, Data protection milestone in South Africa

Company executives must act swiftly, the grace period for compliance to the Protection of Personal Information Act (PoPI) is nearly over. For the first time, the South African National Assembly voted in favour of the appointment of the Information Regulator for PoPI. Parliament voted for the five nominated candidates to run the newly-formed office of the Information Regulator and will now be referred to the Minister of Justice and Correctional Services. The PoPI Act will hold organisations liable for the safety of their information. Companies could face increased data protection and disposal costs, massive fines, civil claims and reputational damage claims if they fail to upgrade information technology security systems ahead of the implementation of the Act. Xperien CEO Wale Arewa is excited by this decision, he says it impact both the consumer and the economy positively. “It will force companies to change their processes to ensure that the personal information and data they collect is protected.” “The small guy whose rights have been violated by data breach will now have recourse to take on corporate companies. This was previously unthinkable, considering the cost implications of putting together a case for high court litigation. Many aggrieved consumers have resigned to the bully tactics of cavalier corporate companies,” he explains. The new regulations will make it easier and less risky for multinationals to do business in South Africa. Many have resisted doing business due to a lack in data protection laws, that could leave them exposed to data breach and it dire consequences. “Company executives responsible for IT asset management need to understand the principles of IT Asset Disposal (ITAD)... read more

Xperien introduces a Professional Degausser

Xperien introduces a Professional Degausser – Total erasure and complete destruction An increasing number of government regulations, industry standards and internal risk mitigation policies require organisations to sanitise storage media prior to disposal or reuse. Xperien has introduced its own hard drive degaussers and physical destroyers specifically designed to help you eliminate the risk of data breach and meet the standards that govern your organisation’s operations. This Machine is a capacitive discharge continuous work degausser for all kinds of Hard Drives, it can perform work for 8 hours continuously. The Xperien degausser combines proven technology with a failsafe reporting system, ensuring an audit trail for the data destruction process. The device records the serial number via a handheld scanner before performing the destruction cycle and then completes the process by issuing an instruction to the software to record a successful operation. The benefits Speed: This is the faster method and takes 2 mins to destroy the data and capture the media serial number for the audit trail. Simplicity: Operating our device is require basic computer operation and technical ability. Mobility: Weighing only 20kg it is preferred for quick response in remote locations. Technical support: Xperien can also provide a high level technical support, our technicians are available to execute projects or to train your staff if in-house operatives are preferred. Compliance: Compliant with the Protection of Personal Information Act 2013 (POPI) Our Service Device rental Monthly R30 000 (Ex Vat) Includes laptop and operating software Onsite Technician Daily R5 000 (Ex Vat) Excludes Travel & Accommodation from JHB International Projects SADC Projects add Ask for quote (USD) Other African... read more

Wait and see approach could be detrimental

Many organisations have taken a wait and see approach to the Protection of Personal Information (PoPI) Act. This is largely due to the delay in the appointment of an information regulator, who has the power to investigate and impose penalties for breaches to the Act. The PoPI Act stipulates how companies may collect, handle, store and discard information, with heavy penalties for those that fail to comply. Once the commencement date of the PoPI Act is announced, organisations will have 12 months to comply with the Act. Xperien CEO Wale Arewa says the reality is that if there is a breach, the financial implications can possibly cripple an organisation. “If found guilty, companies will face potential civil claims, fines and reputational damage.” “The Act enforces companies to introduce strict measures and guidelines that will safeguard the processing, usage and handling of sensitive information. It places a strict onus on businesses when it comes to handling personal information about their clients, staff and customers,” he adds. Cybercrime is growing at a rapid pace, it’s geared towards stealing personal information for financial gain. Once criminals have access to personal information, they can use it for identity theft or to commit fraud. Many people use their personal mobile devices for work purposes and this is a huge concern for organisations as confidential information is at risk of leaking. Company executives need to take measures to ensure that all personal information is protected on all mobile devices including smartphones, tablets and laptops. Arewa says knowing what information to protect is vital. “Once you know where this information resides, you can put a plan... read more

Identity thieves target used hard drives

With the amount of personal data stored on hard drives, one would expect companies to wipe these crucial devices clean before donating or selling them. Hard drives are especially targeted by syndicates because they are easy to resell. Xperien CEO Wale Arewa urges organisations to fully erase all personal data from all hard drives. “And that means more than simply hitting delete. Many people will presume that pressing the delete button on a computer file means that it is gone forever. However, this information can be easily recovered.” “We live in a world where personal and company information is a highly valuable commodity. It is important that people do everything they can to stop their details from falling into the wrong hands,” he added. Xperien has developed processes for eliminating data from hard drives to meet the strict security standards for monitoring, control and alignment with any organisation’s policy. It issues certificates that provide management with documentary proof of due diligence in the execution of their responsibility. Data must be erased using one of the three methods in order to be compliant with the Protection of Personal Information Act 2013 (PoPI) and also to ensure that a company’s intellectual property does not fall into the wrong hands. Arewa says failure to carry out one of the following data destruction methods may lead to serious penalties. “More importantly, the loss of data could lead to your company’s reputational damage.” Advance digital data elimination allows the hard disk drive to be reused, making this method the most environmentally compliant. Xperien’s software solutions offer the best audit trails on the market. Alternatively,... read more

ITAM Foundation Course

When it comes to managing your IT Assets, this is what Gartner predicts:  Your organisation faces a 65% chance of being audited by at least one software vendor in the next 12 months Companies that practice IT Asset Management (ITAM) have 15% or lower Total Cost of Ownership (TCO) Effective asset management could save up to 30% of an IT budget 70% of organisations have a 30% discrepancy between planned inventory and actual inventory Enterprises that systematically manage the lifecycle of their assets (from acquisition to disposal) will reduce cost per asset by as much as 30% during the first year and between 5% and 10% annually during the next five years Enterprises that do not integrate usage and inventory data overbuy software licenses for 60% of their portfolio and are non-compliant on 30% of their software Considering the above, you should realise why ITAM is key to every large IT organisation. Effective ITAM training is key to implementing an effective ITAM strategy in your organisation. ITAMSA and Xperien will be running the next Foundations Certified IT Asset Management course on the 26th and 27th July 2016 at our offices in NorthRiding, Johannesburg WHO SHOULD ATTEND? Any employee, manager or executive involved in any of the disciples below will benefit greatly from the training: Technology Procurement Fixed Asset Registers Contract Management Compliance Management IT Governance Risk Management Asset Managers Software License Management Information Technology Infrastructure Library (ITIL) ITAM Implementation Programs Generally Accepted Accounting Principles (GAAP) CAMP: ITAM Foundation Course (2 days) The ITAM Foundations Course with optional Certified Asset Management Professional (CAMP) Certification is designed to impart an extensive overview... read more

Xperien acquires stake in ITAMSA

Encouraged by the dire need in organisations in South Africa for appropriate and integrated lifecycle management of IT assets, ITAMSA was established in 2012. As an affiliate of the International Association of Information Technology Asset Managers (IAITAM), ITAMSA specialises in all aspects of the lifecycle of processes for IT assets in organisations of every size and industry.

read more