Ask the Expert

A policy for CD burners

What should my policy be regarding CD burners in the company? They are becoming cheaper and cheaper, and more project managers are requesting this purchase. I am concerned about information leakage and software piracy.


    Requires Free Membership to View

CDs and burner devices should be handled as any other electronic media devices. Some check points include:

  • Logically and physically secure the CD and burner

    Data should be logically secured to the highest degree commensurate with the sensitivity of the data. The burner units should be physically secured when not in use.

  • Information should be classified prior to burning

    In order to properly protect information assets, all information should be classified. By classifying data, business units can determine the appropriate resources needed to protect information.

  • Information must have an owner

    The information wwner's responsibilities are to classify the information to assure it is properly handled.

  • CDs should be sanitized if no longer required

    Electronic media should be degaussed (electronically sanitized) or otherwise rendered unrecoverable and verified by the use of special file recovery programs. Proof of this activity is mandatory.

  • Verification

    After the media has been sanitized, the responsible technician should document the action with detailed information attached to the originator (owner) request.

  • Identification of sanitized media

    Sanitized media should be individually identified and method should be employed to prevent accidental re-use with an appropriate method to the media.

  • Sanitized prior to re-use

    Any media containing sensitive information should be sanitized prior to re-use to ensure that any sensitive information resident is unretrievable.

  • Off site

    Any magnetic media sent off site (other than backup) should be sanitized prior to leaving the facility.


    This was first published in September 2001

  • There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: