safeguarding information for the security professional
getting down to basics
- Obtain
support for information security
from senior management.
- Do
not waste resources protecting
that which does not require protection.
- Identify
which information should be protected
and for how long.
- If
extremely sensitive, material
should be hand-carried or transmitted
using encryption techniques.
- To
dispose of sensitive material,
shred or make it unreadable.
- Valuable
company information must not be
left unattended in hotel rooms.
This includes hard copy and computer
disks.
- E-mail
and voicemail passwords must be
protected and changed frequently.
- All
sensitive materials must be removed
from conference rooms and chalkboards
and whiteboards erased after meetings.
- Where
possible, conduct background investigations
on all individuals with access
to sensitive information.
- Obtain
nondisclosure agreements from
employees, vendors, and others
with access to proprietary information.
