Transporting Information Assets Communications Forum - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Transporting Information Assets Communications Forum

Description:

Transporting Information Assets Communications Forum Theresa Masse, Chief Information Security Officer State of Oregon Topics Best Practices Q & A Best Practices ... – PowerPoint PPT presentation

Number of Views:75
Avg rating:3.0/5.0
Slides: 15
Provided by: EvaD150
Category:

less

Transcript and Presenter's Notes

Title: Transporting Information Assets Communications Forum


1
Transporting Information AssetsCommunications
Forum
Theresa Masse, Chief Information Security
Officer State of Oregon
2
Topics
  • Best Practices
  • Q A

3
Best Practices - Safeguards
  • Use encryption
  • Maintain an exact copy
  • Store media in a locked room or cabinet
  • Limit access to those with a need

4
Best Practices - Employees
  • Employees who transport should
  • Read and understand all applicable written
    policies and procedures.
  • Seal hard copy documents in an envelope marked
    with street address and phone number.

5
Best Practices - Employees
  • Employees who transport should
  • Maintain physical control throughout transport.
  • Ensure protection from view by unauthorized
    personnel.

6
Q A
  • How does this policy relate to the Information
    Asset Classification levels?
  • Based on business requirements and needs, an
    agency needs to determine if an information asset
    is confidential/sensitive and classifying the
    information asset contributes to making this
    decision

7
Q A
  • Does this policy apply to assets transported from
    office location to office location within an
    agency?
  • Anytime confidential/sensitive information assets
    are transported they must be protected.

8
Q A
  • Who approves the carrier, DAS or the agency?
  • The term management in the policy means agency
    management.

9
Q A
  • Can an agency still use the U.S. Postal Service
    (USPS) to send confidential/sensitive
    information?
  • Some confidential/sensitive information may be
    sent through USPS. Agencies need to determine
    appropriate levels of protection are in place
    before sending.

10
Q A
  • What is meant by the following requirement "The
    number, type, and destination of media must be
    clearly delineated on a form inside the package"?
  • Examples
  • 2 Tapes to DAS-SPO
  • 10 Job Applications to DAS-HRSD

11
Q A
  • Is the state renegotiating carrier contracts at a
    statewide level?
  • No, DAS is reviewing all statewide carrier
    contracts and will look for opportunities to
    improve terms and conditions in future contracts.

12
Q A
  • If an agency is not compliant with the policy how
    will this impact the agency when audited?
  • If an audit finds that an agency is not compliant
    with this policy, agency management can explain
    the circumstance and agency progress when
    responding to the findings.

13
Q A
  • Is there insurance to cover a breach?
  • The current focus is on the prevention of a
    breach and insurance options are being evaluated.

14
Thank You
  • Other Questions
  • Contact Eva.Doud_at_state.or.us
Write a Comment
User Comments (0)
About PowerShow.com