Green IT presents security concerns

Green politics, once a minority interest, has become part of mainstream political and business life. Supermarkets compete on how much recycled plastic they use in their bags, and sell increasing quantities of organic food. IT may not have been greatly affected so far, but it soon will be.

Green politics, once a minority interest, has become part of mainstream political and business life. Supermarketscompete on how much recycled plastic they use in their bags, and sell increasing quantities of organic food. IT may not have been greatly affected so far, but it soon will be.

On the big green issue - global warming - European Union countries and some US states have established carbon-trading schemes, granting or selling tradeable permits to generate greenhouse gases. Such schemes started by focusing on the biggest emitters such as power companies, but some technology-focused firms are already tackling the issue.

In July, BT won environmental campaigner Al Gore's Business in the Community Company of the Year Award, partly for reducing its carbon emissions by 60% since 1996. And big IT firms such as IBM, HP, Sun and Google are implementing major green schemes.

Analyst firm Gartner calculates that the IT and communication sector is responsible for 2% of global carbon dioxide emissions - the same amount as aviation, an industry reviled by environmentalists.

In May, Gartner predicted that 50% of medium and large IT organisations in western Europe will declare a green imperative by the end of next year. This will happen as a result of financial, legislative and risk-related pressures as well as environmental ones, although fewer than 20% outside the region will do likewise.

Emerging green threats to security

Simon Mingay, a research vice-president for Gartner, says some companies may inadvertently risk giving away information in an effort to report their progress on environmental issues. "If you look at organisations such as BT and Ericsson, which are doing a good job on disclosure, they are putting a lot of information about operations out there," Mingay says.

"Your PR people will want to get as much out as they can, but I think there are some security-related issues around that." Precise electricity consumption figures could provide rivals with clues to what kind of equipment is in use, for example, "It is a balancing act," Mingay says.

A better-known set of security dangers arises from recycling schemes for computer equipment, an environmental measure already undertaken by many organisations. In addition to recycling constituent parts, such kit is often donated to charities or schools.

Retailer Marks & Spencer recycles its computer equipment through RDC, a subsidiary of Computacenter, which uses data-eradication products approved by CESG, the UK government's national authority for information assurance. "None go to landfill," says a Marks & Spencer spokesperson.

The risks of computer recycling are well known. Data must be removed before the hardware is reused. Computer Aid International, a London-based charity, has sent 90,000 recycled computers to the developing world over the past decade. It normally uses software to wipe information through its partnership with Finnish software firm Blancco, which is CESG approved.

"We prefer wiping intensively, with destruction of the hard drive as a back-up," says Tony Roberts, chief executive and founder of Computer Aid International. He says that some organisations avoid the issue by saving sensitive data on servers rather than on local drives.

Roberts says his organisation often deals with security concerns by inviting donors to see the recycling process themselves. The charity also has liability insurance and offers compliance with the European Commission directive on Waste Electrical and Electronic Equipment.

"The City of London police has been here, the Treasury has been here, and subsequently we have computers from those and many other organisations," he says, with other clients including insurer Aviva and financial services firm Investec.

"All equipment leaving the force is sanitised," says Gary Brailsford, head of information management for London police. "This involves the use of a software tool that ensures the total destruction of all data on hard drives. All other equipment settings are restored to factory defaults."

But some prefer physical destruction of all hard drives. "You put them in a bench press and drive a steel spike through them," says Alex van Someren, chief executive of Cambridge-based encryption supplier nCipher.

"There is no process you can do that totally eradicates the data. I do not allow the data to leave the building." The firm does donate equipment to Cambridge University's computer laboratory and local charities, but only after fitting new hard drives to machines.

Alternative ways of recycling

Andy Clark, head of forensics for security consultancy firm Detica, says there are other options. Hard drives can be recycled internally, and if organisations track and restrict what is dealt with by each computer, they may find only some are handling sensitive data. However, "For the ones that are most sensitive, there is no better way than physical destruction," Clark says.

Whatever the choice, Clark says a scrupulously followed process is essential. "You need to get a production line so you can validate you have done it all the way," he says, adding that sending a couple of wiped machines to an external firm for checking is a good idea.

Do things go wrong with computer recycling? "Yes, and it is normally because it has been done with the best intentions, as a local initiative," Clark says. "Because green issues are on people's minds, and rightly so, they take the initiative and recycle them without knowing what is going on."

So it is best to establish a proper process for recycling before staff start doing it anyway, and this should include all hardware that holds data, including mobile devices such as Blackberries, servers and printers.

Paper recycling also has security risks, and sending paper to landfill sites creates similar dangers. The answer is to combine recycling with secure destruction.

In June, Oxfordshire law firm Henmans hired local shredding specialist Allshred to clear out more than eight tonnes of obsolete records from a basement office. Allshred parked a truck outside the office that shredded the files and stored the fragments, allowing the firm to witness the process.

"There are examples where they have material that has been used in a court case, and there is an obligation on them for destruction of the material," says Ian MacKay, managing director of Allshred.

"There is a growing recognition among some of the smaller companies that, while in the past they cleared the archive of accounts more than seven years old by putting them on the bonfire, it is not the right thing to do, both for regulatory and environmental reasons," MacKay says.

After shredding, Allshred takes paper fragments to recycling centres, where they are baled and processed into household tissues.

David Potter, Detica's senior fraud and risk expert, says a system of protective marking is important in helping staff recognise what needs to be recycled securely. The UK government has a multi-tier system - also used for computerised documents - but even just a single category of "commercial in confidence" is useful, Potter says. This can involve printing the sensitive documents on one colour of paper and non-sensitive ones on another.

However, Potter says that such a scheme is little help if documents are printed on central printers, leading staff to leave material lying around. This problem can be eased by printers that produce documents only when a user types in a personal identification number.

Furthermore, the "one-way" bins supplied by Allshred and others to collect confidential paper waste are useful, but only if properly managed. "I have seen situations where people have sealed bins, but the key is left at reception, freely accessible to all," he says. "I have seen bins that are so stuffed there are things sticking out you can reach in and pull it out."

Ken Munro, managing director of penetration testing firm SecureTest, has encountered similar situations, providing opportunities for staff and thieves.

There is more for IT security to consider on the environmental front than just recycling, however. Mingay says restrictions on power supplies, partly caused by environmentally driven campaigns against new power stations, have implications for business continuity.

"Particularly in the south-east and London, we have a big problem with power consumption and reliability of supply," Mingay says. In the UK, 26% of SunGard Availability Services' disaster recovery invocations last year resulted from power-related disruption, compared with 7% in 2005.

Power reliability problems are also found in the developing world, but have become common in developed parts of the world including California.

The usual solutions to the problem of unreliable power supplies are themselves environmentally messy: standby generators tend to run on diesel, and the batteries used within uninterruptible power supply equipment usually contain lead-acid. Fuel cells, which can run on bottled hydrogen, are a potentially cleaner alternative.

In June, Winton Capital Management, a futures and hedge fund firm, installed the first commercial fuel cell in Britain used to protect computer systems, following an installation last year by the supplier, UPS Systems, at its own headquarters in Hungerford. Winton's installation is able to provide a maximum of 30Kw of power, and uses an underground hydrogen storage facility.

Hydrogen fuel cells are virtually silent and produce only water as a by-product, so they do not need noise protection and exhaust vents - a significant benefit for organisations in big cities. Producing hydrogen in the first place requires power, although this can come from renewable sources.

"It is a new technology, gradually working its way in," says Steve Barrett, editor of Fuel Cells Bulletin. "It has been in the research and development stage for a very long time, and is just breaking through as a commercial proposition - it is still going to be more expensive than the incumbent technology."

Implications of green taxation

So far, government attempts to reduce individuals' carbon footprints have been fairly crude, such as flat taxes on fuel and airline tickets, and many of these measures predate any environmental justification.

But some politicians are championing sophisticated methods such as individual carbon accounts. Under these, citizens would receive a carbon ration, although they could buy or sell units as necessary.

In December last year, then UK environment secretary David Miliband told the Guardian that every citizen could receive a "carbon credit card", probably covering food, utility bills and travel, within five years - although this remains a feasibility study proposal rather than solid policy.

Apart from practical objections, such as how this system would prevent Britons buying a green Eurostar train ticket to Paris then escaping their carbon rations by flying from Charles de Gaulle airport, the nature of Miliband's comments concerned some. "There would be significant implications, as it would provide a lot of information on your lifestyle," Mingay says. "Would it raise privacy questions? Absolutely."

Gus Hosein, a senior fellow at human rights organisation Privacy International, says that a central database of personal carbon spending would effectively be a map of everything you do in your life, providing the state with information on everyone's movements and activities. "This will need the trust of the population," he says. "It can be seen as a new type of taxation, and unless it is seen as equitable and trustworthy, it is not going to fly."

He sees similar dangers with other environmental schemes championed by the UK government, such as tracking individual vehicle journeys for congestion charging, measuring each collection of households' non-recycled rubbish to charge by weight - an idea dubbed "bin brother" by some newspapers - and intelligent electricity meters, which provide indications of how many people live in a property and when they are in. Guarding such data, much of which could be of use to criminals, would present a significant security challenge.

Matt Prescott, director of the Royal Society for the Encouragement of Arts' CarbonLimited project, says it is possible to construct such schemes without building giant databases.

Its preferred model for carbon trading would involve the government establishing a framework, but each individual choosing which organisation handled his or her account, such as banks, energy companies or housing providers, or storing credits on a smartcard rather than on remote databases. "This is something people would decide for themselves," Prescott says.

● This article originally appeared on

Read more on Hackers and cybercrime prevention