Security Basics mailing list archives
Re: risk assessment - non electronic data
From: "Marc-André Laverdière" <marcandre.laverdiere () gmail com>
Date: Thu, 2 Oct 2008 06:30:11 -0400
You can learn from the way governments handle classified materials. I'm not an expert, but some leaks lately give you a picture. 1) Serial number on each document, with a different number for each copy 2) Lock and key, and tight control on that 3) Register of who can have what in the office 4) Register of who can have what out of the office 5) Keep track of each document that enters or leaves the safe Don't know more, but that's a start. On Wed, Oct 1, 2008 at 10:20 AM, <s0h0us () yahoo com> wrote:
Hello everyone, I'm looking for some advice on performing information security risk assessments for non-electronic data (hardcopy instances of confidential information). I've going through the process of identifying confidential documents, and verifying that it is securely stored...anything else I should be doing? thanks in advance
-- Marc-André LAVERDIÈRE "Perseverance must finish its work so that you may be mature and complete, not lacking anything." -James 1:4 mlaverd.theunixplace.com/blog /"\ \ / ASCII Ribbon Campaign X against HTML e-mail / \
Current thread:
- risk assessment - non electronic data s0h0us (Oct 01)
- Re: risk assessment - non electronic data Alexander Swensen (Oct 01)
- IPS Mattias Hemmmingsson (Oct 02)
- Re: risk assessment - non electronic data Marc-André Laverdière (Oct 02)
- <Possible follow-ups>
- Re: risk assessment - non electronic data martlaberge (Oct 01)