Home page logo

basics logo Security Basics mailing list archives

Re: Removable media
From: "Albert R. Campa" <abcampa () gmail com>
Date: Fri, 30 Nov 2007 11:24:49 -0600

first of all encryption has to be implemented.
Then some type of application/device control system. Lumension
Sanctuary comes to mind.

NIST has some policies on encryption standards.

On Nov 30, 2007 8:27 AM, Worrell, Brian <BWorrell () isdh in gov> wrote:

I am curious if anyone has a policy or can reference a policy, about
removable media. After all the losses of backup tapes, CD's and USB
flash drives being discussed in the media, this topic has become more
important than I think it has been in the past.

What are some of you doing to track media with sensitive information,
such as ePHI or SSN, on it, or how are you tracking if someone copies
information to a removable media device?

Thank you,

Brian Worrell
Information Security Manager and Security Officer
Office of HIPAA Compliance
Indiana State Department of Health
2 North Meridian Street
Indianapolis, IN  46204
o: (317) 233-4945

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]