![]() Use a secure password management tool (see Additional Resources) to store sensitive information such as passwords and recovery keys.Do NOT use the same password from other systems. When creating a password, follow strong password requirements as defined in MSSND Control #5.For more information, refer to NIST's Guide to Storage Encryption Technologies For End User Devices Whenever possible, use AES (Advanced Encryption Standard) for the encryption algorithm because of its strength and speed.Use compliant encryption algorithms and tools.Develop and test an appropriate Data Recovery Plan (see Additional Resources).Mobile devices include laptops and smartphones. Removable media and mobile devices must be properly encrypted following the guidelines below when used to store covered data. ![]() Malicious users may gain unauthorized physical or logical access to a device, transfer information from the device to an attacker’s system, and perform other actions that jeopardize the confidentiality of the information on a device. RequirementĪnyone storing covered data on portable devices (such as laptops and smartphones) or removable and easily transported storage media (such as USB drives or CDs/DVDs) must use industry-accepted encryption technologies. The recommendations below are provided as optional guidance to assist with achieving the Data Encryption on Removable Media requirement. UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |