Information Asset Labeling and Handling
Labelling
Guidelines
Sensitive electronic information should
state the classification level within the document.
Sensitive physical information should be clearly marked with the classification level on the document.
Instructions
Documents header, footer, including cover page, subject line etc., should be labeled for medias like USBs, CD/DVDs, Tapes, etc.
Placing a stamp with classification level.
Storage
Guidelines
Sensitive electronic information must be encrypted at all times when stored and kept in an access controlled folder or directory.
Sensitive physical information should be stored in a locked drawer, cabinet within a locked office.
Instructions
MS word, excel, etc., should be password protected.
Other formats should be zipped with password (e.g. pdf, txt, AutoCad, etc.,)
Access to the location should be controlled; data owner can seek assistance with IT to make the control in effective manner.
Information should be stored in the shared drives in line with defined classification level folders.
Dedicate physical storage and folders as per the data classification.
Handling
Guidelines
Sensitive electronic information must be encrypted at all times when emailed or electronically transferred.
Sensitive physical information should be transferred in sealed, tamper-proof packaging and a trusted courier should be used.
Instructions
Encryption: MS word, excel, etc., should be password protected. Other formats should be zipped with password (e.g. pdf, txt etc.,)
Transferring or Sending through emails, or copying into USBs*, or uploading to ftp*, etc. * approved employees only can perform
Use non-re-sealable envelope with clear labelling the classification code.
Transmittal notes to be labeled on the documents.
Receiving party should ensure the envelope is not broken/tampered.
Disposal
Guidelines
Sensitive electronic information must be securely wiped when no longer required and it is recommended that data should be deleted/formatted from the file location, media, etc.
Sensitive physical information must be securely shredded using a minimum of a cross-cut shredder.
Instructions
Storage Medias like USBs/CDs/DVDs should be wiped.
Contact IT for assistance Draft versions should be deleted permanently once the approved versions are release
Use shredder.
Thanks for Read,
Please "SHARE" our post that your friends can read and learn and "COMMENT" us so that we can make our blogbeautiful.
Please Follow us.
Facebook Profile
Twitter
Google+
facebook Page
Youtube
E-mail
No comments:
Post a Comment