Removable media includes e.g. flash memories, SD memories, removable storage drives, USB sticks and DVDs.
The organization has defined which removable media is allowed to be used.
Storing confidential information on removable media should be avoided. When removable media is used to transfer confidential information, appropriate security is used (e.g., full disk encryption with pre-boot authentication).
Removable media must be stored in a safe, other locker or other secure furniture. They must not be stored around the office without careful thought.
When removable media is an important part of an organisation's operations, more specific rules have been defined for securing removable media and the information they contain.
A large amount of valuable information in an organization has often accumulated over time into hard-to-find and manageable unstructured data — excels, text documents, intranet pages, or emails.
Once this information has been identified, a determined effort can be made to minimize its amount.Important data outside data systems is subject to one of the following decisions: