NordLayer – The importance of multi-factor authentication for remote access 3.5 3.5.2 3.5.3 3.7 3.7.5 Identification and Authentication Maintenance
This blog post describes why multifactor authentication (MFA) is important for remote access.
SEARCH RESULTS
NSA – Media Destruction Guidance 3.7 3.7.3 3.8 3.8.3 Maintenance Media Protection
NSA's Center for Storage Device Sanitization Research (CSDSR) guides the sanitization of information system (IS) storage devices. Resources for a vendor of storage device sanitization, the NSA Evaluated Products Lists (EPLs), and contact information for the Center for Storage Device Sanitization Research are provided on this page.
OPSWAT – Removable Media Policy: Guidelines & Best Practices 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
Implementing a removable media policy helps organizations control how employees use USB drives, external hard drives, and other portable storage devices. The main purpose is to prevent data breaches and malware infections while keeping sensitive company information secure. These policies set clear rules about what's allowed and what isn't, helping businesses stay compliant with important security standards like ISO 27001, NIST, and Department of Defense requirements.
RedHat – Using USBGuard 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes.
SANS – Removable Media Policy 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
This sample policy provided by SANS discusses removable media.
SANS – Technology Equipment Disposal Policy 3.7 3.7.3 3.8 3.8.3 Maintenance Media Protection
This is a equipment disposal policy created by SANS that can be freely used.
Stanford – Data Sanitization 3.7 3.7.3 3.8 3.8.3 Maintenance Media Protection
This is Stanford University’s policy for data sanitization.
State of Georgia – System Maintenance Policy 3.5 3.5.2 3.5.3 3.7 3.7.5 Identification and Authentication Maintenance
This example policy from the State of Georgia provides a starting point for system maintenance.
US-CERT – The Risk of Using Portable Devices 3.1 3.1.21 3.7 3.7.4 3.8 3.8.5 3.8.6 3.8.7 3.8.8 Access Control Maintenance Media Protection
This paper focuses on the risks associated with simple media devices and smart media devices.
Western University – Current Recommended Practices for Destroying Data and/or Data Devices 3.7 3.7.3 3.8 3.8.3 Maintenance Media Protection
This is Western University’s recommended practices for destroying data and/or data devices.