SAS 70

Dec 2 2008   1:52PM GMT

What would you pay for this USB harddrive? SAS70

Keith Harrell Profile: SAS70ExPERT

What would you pay for a eight gigabyte USB harddrive? Some would say billions; especially if it contained your company’s financial or critical data. Everyday you read about lost or stolen company data which may be your intellectual property, credit card, or other personal medical information of your CFO. They are also the fastest and surest way to give a CIO a security headache. What are you doing to protect these information assets?


If your company or your staff is saving company or customer data to a USB drive; you need to set standards in your security managment program to protect this information. A SAS 70 audit will require you to have  standards that include:


1)      Require that all data stored on USB drives be encrypted.

2)      Require that only USB drives that are password protected be used.

3)      Notify and train your employees on this policy and have a procedure in place which requires that an employee report lost or stolen USB drives immediately; otherwise, be prepared for “headlines” and a lawsuit.


Are you involved with securing your corporate data and if so, are you worried about the insecurity of USB disk drives? What measures do you have in place?


 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: