mailing list archives
Re: Removable media
From: "Albert R. Campa" <abcampa () gmail com>
Date: Fri, 30 Nov 2007 11:24:49 -0600
first of all encryption has to be implemented.
Then some type of application/device control system. Lumension
Sanctuary comes to mind.
NIST has some policies on encryption standards.
On Nov 30, 2007 8:27 AM, Worrell, Brian <BWorrell () isdh in gov> wrote:
I am curious if anyone has a policy or can reference a policy, about
removable media. After all the losses of backup tapes, CD's and USB
flash drives being discussed in the media, this topic has become more
important than I think it has been in the past.
What are some of you doing to track media with sensitive information,
such as ePHI or SSN, on it, or how are you tracking if someone copies
information to a removable media device?
Information Security Manager and Security Officer
Office of HIPAA Compliance
Indiana State Department of Health
2 North Meridian Street
Indianapolis, IN 46204
o: (317) 233-4945
Re: Securing workstations from IT guys Brad Bendily (Nov 27)