Portable Media Security Standard
Portable media such as USB keys, flash memory, CDs/DVDs, etc. are a crucial part of daily business. However, portable media is easily lost or stolen and may cause a security breach.
Because portable media can be stolen or compromised easily, users should take precautions when using it to transfer or store Confidential information. We strongly discourage placing Private Information on portable media.
Approved Portable Media
When handling RIT Private or Confidential information, you should use only portable media that provides an approved encryption level (the RIT Information Security Office requires 128-bit or 256-bit AES encryption).
Unacceptable Portable Media
USB media that doesn't include encryption
Encryption of CDs, DVDs, Removable Hard Drives, and Other Portable Media
Please contact the RIT Information Security Office for recommended encryption methods.
3rd Party Encryption Products
The RIT Information Security Office requires 128-bit or 256-bit AES encryption to protect RIT Private or Confidential information when transferred by or stored on portable media.
Media Disposal Recommendations
|
Media |
Disposal Method |
|---|---|
|
Paper |
Use a shredder. Crosscut is preferred over a strip shredder. |
|
CD, DVD, diskette, etc. |
Use the media shredder (located at the ITS Service Desk, 7B-1113). |
|
Hard Drives |
If the hard drive is to be reused, contact your support organization for recommendations for secure erasure. If the hard drive is damaged or will not be reused, render the hard drive unreadable by using the degausser (located at the ITS Service Desk, 7B-1113). (Not for SSDs) |
|
Tapes |
Use the degausser (located at the ITS Service Desk, 7B-1113). |
|
Other |
Use an industry standard means of secure disposal. |