Welcome to Scribd!

Information Security Standard 8.3a: Media Handling and Disposal Standard

Uploaded by

0% found this document useful (0 votes)

5 views2 pages

This standard establishes controls for handling and disposing of media to prevent unauthorized access to information stored on media. It applies to all employees, vendors, and agents of Western Carolina University. The standard defines media as physical storage devices that contain data, and classifies removable media as low security if it does not contain sensitive data. The standard provides guidelines for managing, transferring, and disposing of media to securely protect any stored data. Non-compliance may result in fines or penalties against the university.

Original Description:

Original Title

IT-Policy-8.3a

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

5 views2 pages

Information Security Standard 8.3a: Media Handling and Disposal Standard

Uploaded by

Kate Middleton

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 2

Search inside document

Information Security Standard 8.

3a
Media Handling and Disposal Standard

Initially Approved: September 25, 2015

Revised: March 30, 2020 (as the Media Handling and Disposal Standard)
Administering Office: Office of the CIO

I. STANDARD STATEMENT

This standard, operating under University Policy 117 Information Security,

establishes controls that prevent unauthorized disclosure, modification, removal or
destruction of information stored on media.

II. SCOPE AND APPLICATION OF THE STANDARD

This standard applies to all employees, vendors and agents operating on behalf of
Western Carolina University.

III. DEFINITIONS

Media for the purpose of this standard is defined as physical storage that contains
data such as removable and non-removable hard disk drives, magnetic tapes, DVD
and CD discs, USB flash drives, and all other types of removable storage.

IV. MEDIA HANDLING AND DISPOSAL STANDARD

• Management of removable media

o WCU’s Data Handling Procedures classify removable media in the “Low
Security Zone.” This means that no sensitive data will be stored on
removable media. The only exception is for course-related student data on
removable storage if it is encrypted and removed after one year.
Refer to the Use of Cryptographic Controls Standard for information
regarding data encryption.
o Removable media can degrade and become unusable over time.
Important data should be transferred to fresh media after three years.
Additionally, important data must also be stored in another location to
mitigate the risk of degraded or lost removable media.
o All removable media will be stored in a safe and secure environment to
prevent damage, loss or theft.

• Disposal of media
o Media that has been used will be disposed of securely when no longer
required or needed.
o All media, as defined in this standard, must be disposed of according to the
IT Surplus Hard Drive and Data Disposal Process with the exception of CD,
DVD and floppy discs, which may be rendered unusable by breaking or
shredding the disc without utilizing the IT disposal process.
• Physical media transfer
o Media containing data will be protected against unauthorized access,
misuse or corruption during transportation.
o Any media containing sensitive data must be shipped by a tracked carrier
with a recipient signature required. For encrypted data, the encryption key
should only be released after the package has arrived and been signed for.
o Legal advice should be sought to ensure compliance before media
containing encrypted information or cryptographic controls are moved
across jurisdictional borders.

V. ENFORCEMENT

Failure to comply with this standard will increase the chance of a data breach which
may result in the imposition of fines, or other significant penalties against WCU, and
disciplinary action against employees.

VI. REFERENCES

International Standards Organization (ISO/IEC 27002, 8.3 Media handling)

45 CFR Part 164, Subpart C, Security and Privacy

Data Handling Procedures Related to the Data Security and Stewardship Policy
IT10.1a Use of Cryptographic Controls Standard
IT Surplus Hard Drive and Data Disposal Process

CISSP Certification Exam Study Guide: (Cerified Information Systems Security Professional)
From Everand
CISSP Certification Exam Study Guide: (Cerified Information Systems Security Professional)
Kumud Kumar
No ratings yet
Challenges and Ethical Issues in Artificial Intelligence
From Everand
Challenges and Ethical Issues in Artificial Intelligence
akosnemeth
No ratings yet
Data Encryption Policy
Document6 pages
Data Encryption Policy
Kamrul Hasan
No ratings yet
Appendix 9
Document9 pages
Appendix 9
Mohammad Aamir
No ratings yet
IT Security Policy
Document15 pages
IT Security Policy
Meyrama Feyo
No ratings yet
Data Destruction Policy 20.02.20
Document3 pages
Data Destruction Policy 20.02.20
Tripti Dutta
No ratings yet
LEP Data Encryption Policy
Document6 pages
LEP Data Encryption Policy
ayalewtesfaw
No ratings yet
Cryptography Policy - ISP-S16
Document4 pages
Cryptography Policy - ISP-S16
Henrique Guapo
No ratings yet
LEP Removable Media Policy
Document3 pages
LEP Removable Media Policy
CaAs Simon
No ratings yet
Best Practices in Disposal of Computers and Electronic Storage Media
Document6 pages
Best Practices in Disposal of Computers and Electronic Storage Media
mona234
No ratings yet
IT Security-Policy
Document11 pages
IT Security-Policy
Perez Jose
No ratings yet
Policy On Safeguarding Data
Document7 pages
Policy On Safeguarding Data
ihab
No ratings yet
Removable Storage Media Policy V0.1
Document6 pages
Removable Storage Media Policy V0.1
Nijith p.n
No ratings yet
Physical Security
Document37 pages
Physical Security
Sugar Dolls
No ratings yet
Security Policies and Procedures
Document6 pages
Security Policies and Procedures
JEX
No ratings yet
2018 12 29 Clear Desk Policy v2
Document5 pages
2018 12 29 Clear Desk Policy v2
Areef
No ratings yet
Media Protection Policy
Document3 pages
Media Protection Policy
Alex Gitahi
No ratings yet
Domain 2 - Asset Security
Document15 pages
Domain 2 - Asset Security
Louie Mok
No ratings yet
Technology Usage Policy
Document6 pages
Technology Usage Policy
Phung Ong
No ratings yet
CISSP Chapter 5
Document2 pages
CISSP Chapter 5
luistorres21es
No ratings yet
Standard Operating Procedure (SOP) On Technical Security Measures For All PNP Data Processing Systems (DPS)
Document11 pages
Standard Operating Procedure (SOP) On Technical Security Measures For All PNP Data Processing Systems (DPS)
Mark Anthony Roque
No ratings yet
Remote Access
Document3 pages
Remote Access
nranjit1
No ratings yet
ITSS - 01 IT Security Standard - Data Backup
Document3 pages
ITSS - 01 IT Security Standard - Data Backup
jessy_patty
No ratings yet
English Task 10
Document6 pages
English Task 10
chlo
No ratings yet
University of Liverpool: IT Asset Disposal Policy
Document10 pages
University of Liverpool: IT Asset Disposal Policy
zhuro
No ratings yet
Information Systems Security Standards
Document16 pages
Information Systems Security Standards
U King Swe
No ratings yet
ISMS Policy 1
Document5 pages
ISMS Policy 1
Harry Susanto
No ratings yet
IT Backup Policy and Standards 2016mar14
Document10 pages
IT Backup Policy and Standards 2016mar14
bakritayeb
No ratings yet
Mobile Computing Device Security Standard
Document3 pages
Mobile Computing Device Security Standard
Bullet Aristo
No ratings yet
Template Removable Media Procedure
Document2 pages
Template Removable Media Procedure
Yogesh Joshi
No ratings yet
Template Removable Media Procedure
Document2 pages
Template Removable Media Procedure
Yogesh Joshi
No ratings yet
Clean Desk Policy
Document7 pages
Clean Desk Policy
Vic Logic
No ratings yet
Encryption Policy Sample PDF
Document7 pages
Encryption Policy Sample PDF
Bobby IM Sibarani
100% (1)
Session 111 Encryption Policy Sample
Document7 pages
Session 111 Encryption Policy Sample
aalmotaa
No ratings yet
Information Security Policy
Document11 pages
Information Security Policy
Perez Jose
No ratings yet
PS129 Encryption
Document5 pages
PS129 Encryption
mraiyan4590
No ratings yet
Itss 01
Document3 pages
Itss 01
strokenfilled
No ratings yet
Wireless Comm in Ication Policy
Document3 pages
Wireless Comm in Ication Policy
Ernesto Regaspi
No ratings yet
ICT - Security - Information Security Policy
Document15 pages
ICT - Security - Information Security Policy
jack s99
No ratings yet
Network Security Policy Template
Document14 pages
Network Security Policy Template
Shabir Musthafa
No ratings yet
Data Security Plan
Document10 pages
Data Security Plan
Saif Rehman
No ratings yet
Appendix C Security Incident Policy
Document18 pages
Appendix C Security Incident Policy
andrisuranti
No ratings yet
PSPF Infosec 11 Robust Ict Systems
Document6 pages
PSPF Infosec 11 Robust Ict Systems
Scott
No ratings yet
Maintenance of Electronic Records
Document4 pages
Maintenance of Electronic Records
ATUHA PETER
No ratings yet
Removable Media Acceptable Use Policy
Document8 pages
Removable Media Acceptable Use Policy
Rashid Kamal
No ratings yet
Chap1 Introduction To Information Security
Document14 pages
Chap1 Introduction To Information Security
Nitish Lokhande
No ratings yet
Iot Fundamentals:: Security & Privacy
Document21 pages
Iot Fundamentals:: Security & Privacy
selena lopez
No ratings yet
Data Classification Policy Sample
Document5 pages
Data Classification Policy Sample
bhlkumar
No ratings yet
International Data Protection Standards: Key Points
Document2 pages
International Data Protection Standards: Key Points
Neil Tristan Mejia Yabut
No ratings yet
Dsa 102 Lesson 3
Document12 pages
Dsa 102 Lesson 3
shadowlord468
No ratings yet
Data Security Policy Data Security Policy
Document9 pages
Data Security Policy Data Security Policy
Abbas Ahmad
No ratings yet
Disposal of Media Policy and Procedures
Document2 pages
Disposal of Media Policy and Procedures
Ahmed AbdelFatah
No ratings yet
Cert-In: IT Security Policy
Document13 pages
Cert-In: IT Security Policy
AFSungo
No ratings yet
Data Classification Policy
Document6 pages
Data Classification Policy
AndyBaib
100% (1)
Removable External Media Policy
Document1 page
Removable External Media Policy
aami6
No ratings yet
DLP Plan Final Signed
Document9 pages
DLP Plan Final Signed
tmendis
No ratings yet
Laptop Encryption Policy
Document2 pages
Laptop Encryption Policy
solopilot1
No ratings yet
A Set of Information Security Policies
Document21 pages
A Set of Information Security Policies
Imam Halim Mursyidin
No ratings yet
DECS Policy - ICT Security
Document7 pages
DECS Policy - ICT Security
Hazirah HM
No ratings yet
Overview: Removable Media Policy of Baghdad University
Document2 pages
Overview: Removable Media Policy of Baghdad University
Omar Ayoub
No ratings yet
Information Security Review Policy 9 1 27
Document2 pages
Information Security Review Policy 9 1 27
Kate Middleton
No ratings yet
A.13.0 Communication Security 2.1
Document8 pages
A.13.0 Communication Security 2.1
Kate Middleton
No ratings yet
Communications Security Policy
Document14 pages
Communications Security Policy
Kate Middleton
No ratings yet
Dict-Qap019-V2.0 Supplier Relationships Policy
Document12 pages
Dict-Qap019-V2.0 Supplier Relationships Policy
Kate Middleton
No ratings yet
Security Aspects of Business Continuity Planning Policy
Document3 pages
Security Aspects of Business Continuity Planning Policy
Kate Middleton
No ratings yet
Information Security Policy 17 Business Continuity V n10
Document7 pages
Information Security Policy 17 Business Continuity V n10
Kate Middleton
No ratings yet
CAN Bus
Document5 pages
CAN Bus
Mustafa Özdemir
100% (2)
Data Mining MCQ, S
Document5 pages
Data Mining MCQ, S
Anu
No ratings yet
ds3231 Arduino Sketch
Document2 pages
ds3231 Arduino Sketch
Dado Gaudi
No ratings yet
Pyscript - Usando Sqlite Com Pyscript - Programação Python
Document5 pages
Pyscript - Usando Sqlite Com Pyscript - Programação Python
wallace gamma alvz
No ratings yet
Laravel 5
Document34 pages
Laravel 5
rwscorp
No ratings yet
Experiment No.1: Dbms Lab (RCS-551)
Document23 pages
Experiment No.1: Dbms Lab (RCS-551)
shriyam sharma
No ratings yet
Google Dorks English PDF
Document6 pages
Google Dorks English PDF
wdwe
No ratings yet
Versiondog UserGuide
Document20 pages
Versiondog UserGuide
sybaritz
No ratings yet
Chapter 2 - Networking
Document12 pages
Chapter 2 - Networking
kaushikarubasinghe
No ratings yet
Tesseract Training - For Khmer Language - For Posting
Document8 pages
Tesseract Training - For Khmer Language - For Posting
Kruy Vanna
100% (3)
Huawei 4G XML OSS Parameters Dump Parser
Document4 pages
Huawei 4G XML OSS Parameters Dump Parser
moses
No ratings yet
MP3 - Wikipedia
Document18 pages
MP3 - Wikipedia
Belhamidi Mohammed Houssame
No ratings yet
Lpic All Slides
Document127 pages
Lpic All Slides
Sacky Harrey
100% (1)
8051 Tutorial: Types of Memory
Document6 pages
8051 Tutorial: Types of Memory
nishant205kumar
No ratings yet
Accrual Plan Set Up
Document7 pages
Accrual Plan Set Up
Qadri Khan
100% (1)
Gui Code of Z Transform
Document10 pages
Gui Code of Z Transform
Zeeshan Rafiq
No ratings yet
First Generation Optical Network
Document68 pages
First Generation Optical Network
Ponmalar Sivaraj
50% (2)
Exercise: Basic Elements of Computer System: Objective Type Questions
Document2 pages
Exercise: Basic Elements of Computer System: Objective Type Questions
Deepak Mishra
No ratings yet
Dynamics AX Interview Questions: Technical
Document5 pages
Dynamics AX Interview Questions: Technical
ramu278
No ratings yet
CIS 2154 - Ch. 2 Worksheet
Document8 pages
CIS 2154 - Ch. 2 Worksheet
Strider Putnam
No ratings yet
Questions
Document34 pages
Questions
Vishal Tyagi
40% (5)
LSMW Step-By-Step Guide
Document22 pages
LSMW Step-By-Step Guide
Margaret Mationg
No ratings yet
Department of Cse CP7103 Multicore Architecture Unit Iii TLP and Multiprocessors 100% THEORY Question Bank
Document3 pages
Department of Cse CP7103 Multicore Architecture Unit Iii TLP and Multiprocessors 100% THEORY Question Bank
Deebika Kaliyaperumal
No ratings yet
CICS Transaction Server 4v2
Document838 pages
CICS Transaction Server 4v2
usersupreeth
No ratings yet
Onetab
Document42 pages
Onetab
Kshitij Kohli
No ratings yet
AWS Portfolio
Document76 pages
AWS Portfolio
gopugg
No ratings yet
Fortios v5.0 Notes
Document54 pages
Fortios v5.0 Notes
Andrew Webb
No ratings yet
Aissce Practical I.P 2020-21-1
Document6 pages
Aissce Practical I.P 2020-21-1
Mayank Mishra
No ratings yet
UI Path
Document22 pages
UI Path
Preethi
No ratings yet
sg245410 PDF
Document464 pages
sg245410 PDF
shyde
100% (1)