- Ensure that your workstation has been secured as per UISO recommendations. Contact your IT Pro if you need help.
- If you have critical or restricted data in your environment:
- If the data is on physical media such as a DVD, ensure that it is stored in a locked room/cabinet and accessible by authorized users only.
- Keep the media secured until the project is over as protection against accidental erasure.
- At project completion, ensure that the media is handled as per rules or regulations to which the data is subject, for instance via physical destruction or secure erasure.
- If the data is on your workstation, ensure that it is encrypted.
- Delete the data from your workstation securely or keep it encrypted if it is no longer needed.
- Check to see if the rule or regulation the data is subject to has specific disposal requirements.
- If the data is on physical media such as a DVD, ensure that it is stored in a locked room/cabinet and accessible by authorized users only.
Beware of this pitfall
A common misconception is that it is inherently secure to send data from your workstation to another system simply because your system has full disk encryption enabled. In truth, when a file is sent in this scenario the file is unencrypted prior to being sent. This means that the unencrpyted file is being transmitted and arrives unencrpyted at the recipients end. Even in the case that you use an encrypted channel such as https, this only ensures that the transmission of the file is encrypted. The end result is the same and the file that is received will be the unencrypted version of the file you sent. To ensure that the data you are sending arrives as an encrypted file, you must encrypt that file using file-level encryption prior to sending it.