"Preventing the unauthorized disclosure and loss of data has become almost impossible. Employees and others can use iPods, flash drives, cameras, and PDAs such as iPhones to download data and remove it from an organization's premises."
Do you agree or disagree with the statement above? Please provide support for your position. What controls from the chapter could be applied to reduce the risk of data disclosure and risk from these devices (please pick 3)? How would the controls you choose reduce the risk?
These devices can definitely be used to bypass physical access controls and logical access controls, such as tangibly limiting entree to a computer facility, library controls, and access control software with credentials and substantiation techniques. However, some controls that might be used to reduce the risks of disclosure and loss include the following:
· Implement portable device policies and education programs for employees.
· Encrypt flash drives to guard data in the happening that the device is lost.
· Sack employees violating portable device policies.
· Some organizations have gone to the extreme of limiting their network’s capability to write to portable storage devices.
Get Answers For Free
Most questions answered within 1 hours.