Media Protection (MP) Archives - Findings

Are only approved portable storage devices under asset management used to store ‘s data?

Are only approved portable storage devices under asset management used to store ‘s data?

Are all ‘s data on media encrypted or physically locked prior to transport outside of the company?

Are all ‘s data on media encrypted or physically locked prior to transport outside of the company?

Does the company limit access to media containing ‘s data only to authorized users?

Does the company limit access to media containing ‘s data only to authorized users?

Is access to media containing ‘s data logged?

Is access to media containing ‘s data logged?

Are all systems containing ‘s data identified with an asset control identifier, for example, does each company laptop have an asset id tag with a unique number and marked?

Are all systems containing ‘s data identified with an asset control identifier, for example, does each company laptop have an asset id tag with a unique number and marked?

Is system digital and non-digital media sanitized before disposal or release for reuse?

Is system digital and non-digital media sanitized
before disposal or release for reuse?

Is all managed data storage erased, encrypted, or destroyed using mechanisms to ensure that no usable data is retrievable?

Is all managed data storage erased, encrypted, or
destroyed using mechanisms to ensure that no usable
data is retrievable?

Are all the company’s data on media encrypted or physically locked prior to transport outside of the company?

Are all the company’s data on media encrypted or physically locked prior to transport outside of the company?

Is key vaulting is utilized to ensure recoverability?

Is key vaulting is utilized to ensure recoverability?

Are only approved portable storage devices under asset management used to store the company’s data?

Are only approved portable storage devices under asset management used to store the company’s data?

1
2