RE: Removable media

[<whip () netspace net au>]

We have been implementing Checkpoint Removeable Media Manager (formally
Pointsec Reflex).

Does encryption, auditing, logging and management.


Cheers,
Scott

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Albert R. Campa
Sent: Saturday, 1 December 2007 4:25 AM
To: security-basics
Subject: Re: Removable media

first of all encryption has to be implemented.
Then some type of application/device control system. Lumension
Sanctuary comes to mind.

NIST has some policies on encryption standards.




On Nov 30, 2007 8:27 AM, Worrell, Brian <BWorrell () isdh in gov> wrote:
>  Hello,
>
> I am curious if anyone has a policy or can reference a policy, about
> removable media. After all the losses of backup tapes, CD's and USB
> flash drives being discussed in the media, this topic has become more
> important than I think it has been in the past.
>
> What are some of you doing to track media with sensitive information,
> such as ePHI or SSN, on it, or how are you tracking if someone copies
> information to a removable media device?
>
>
>
> Thank you,
>
> Brian Worrell
> Information Security Manager and Security Officer
> Office of HIPAA Compliance
> Indiana State Department of Health
> 2 North Meridian Street
> Indianapolis, IN  46204
> o: (317) 233-4945

No virus found in this incoming message.
Checked by AVG Free Edition. 
Version: 7.5.503 / Virus Database: 269.16.10/1160 - Release Date: 29/11/2007
8:32 PM
 

No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.503 / Virus Database: 269.17.2 - Release Date: 14/12/2007 12:00
AM