Notebook computers, USB flash drives, and other removable media devices are often used outside a secure network environment, which makes them particularly susceptible to loss. As a result, extra care needs to be taken to protect the devices and any “not public” data contained on them.
All computers should be secured with a strong password. To protect both the data and the computer equipment, the following security measures should also be considered:
- Government data should not be stored on personal computers, personal USB flash drives, and other similar personal equipment.
- “Not public” data should be stored on a notebook computer or removable media device only when there is a business need.
- Data stored on a notebook computer or a removable media device should be strongly encrypted.
- When removable media are no longer in use, they should be securely destroyed.
- When disposing of computers, the hard drives should be securely erased.
- Cable locks should be used for all computers, except while in transit.
- Computers should never be left in an unattended vehicle.
The State of Minnesota's Information Technology organization, MN.IT Services, has a number of resources on their website for governmental entities who are drafting security policies for portable computing and media devices. To view this material, go to:
Date this Avoiding Pitfall was most recently published: 2/13/2015