Re: Flash Drive Policy

Steven,

You would need to modify the document however I think this is close to
what you are looking for.

http://www.sans.org/resources/policies/Remote_Access.pdf

http://www.sans.org/resources/policies/Information_Sensitivity_Policy.pdf

Hope this helps.

Thanks,
Aditya Govind Mukadam



On Fri, Oct 10, 2008 at 1:09 AM, Steven Bonici <sbonici@xxxxxxxxxxxxx> wrote:

I am actually looking for a document. I know there are tools out there
and we should be using them, but I would like to start with some kind of
written document. There are a number people that take work home (I know
that is bad), but I haven't been here all that long and they have been
doing this since the "floppy" days. I am concerned that people are not
protecting themselves correctly at home (antivirus, updates, etc) and
want to make sure they aware that they are responsible for the data on
the drive. I have been holding security awareness presentations, but we
need a written policy that they are going to sign.

Thanks.

-----Original Message-----
From: Gleb Paharenko [mailto:gpaharenko@xxxxxxxxx]
Sent: Thursday, October 09, 2008 3:35 PM
To: Steven Bonici
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Flash Drive Policy

Hi!

In case you mean - a policy - like a document - it all about your
business needs and risks. There plenty of tools which can support your
policy. For example devicelock or Cisco Security Agent.

2008/10/9 Steven Bonici <sbonici@xxxxxxxxxxxxx>:


I am looking for a policy on using flash drives, can someone point me
to one?

Thanks - Steven




--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
http://www.linkedin.com/in/gpaharenko