Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...I think this forum rocks it has saved my bacon many many times..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > Trends and Strategies > Keeping Ahead of the Curve > Information Technology Ethics in the Workplace Forum

portable memory device policy

thread717-1681166
Read More Threads Like This One
123tom (Vendor)
22 Apr 12 16:10
Comments welcomed. Why are portable memory device use so commonly allowed at work? Especially, when the ability to manage these devices like iPads, Flash drive, USB Sticks and so on not in place? How can you be compliant for HIPPA, SOX or other laws and still not manage the use of portable memory?  
hilfy ( IS/IT--Management)
23 Apr 12 15:31
Everywhere I've worked that has to comply with these types of laws not only has policies in place, but also has things set up so that users either cannot connect to these types of USB memory devices or they monitor that these types of devices are in use.  My current client (a large financial company) also does not allow the vast majority of users to send attachments outside of the company.

However, all of these are larger, more mature organizations that have string security policies and automated monitoring in place.

-Dell

A computer only does what you actually told it to do - not what you thought you told it to do.

kmcferrin (MIS)
30 Apr 12 12:42
Disabling access to portable media/memory devices is trivial.  Furthermore, the requirements of HIPAA (only one P) and SOX tend to be a little vague on the specifics.  They talk a lot about best practices without saying what those practices are.  As far as iPads/tablets, third-party computers, and so on, there are a number of security tools available that allow you to securely deliver applications to those devices while still preventing data leakage (usually through Citrix/RDP, VDI, or similar techniques).

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator

Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To Information Technology Ethics in the Workplace

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close