Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.DS-01.4: The organisation shall define and enforce clear policies and practical safeguards to manage and restrict the use of portable storage media, in order to reduce the risk of data leakage, unauthorised access, and malware introduction. |
|
PR.DS-01.4 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p79 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p111 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
<div><p>The goal of this control is to reduce the risk of data leakage, unauthorised access, and malware introduction by defining and enforcing clear policies and safeguards for the use of portable storage media. To achieve this goal, the organisation should:</p><ul><li>Define and Communicate Policy<ul><li>A documented policy on acceptable use of portable storage devices (e.g. USB drives, SD cards, external hard disks) should be established.</li><li>The policyshould be communicated during onboarding and reinforced through regularsecurityawareness training.</li></ul></li><li>Control Device Usage<ul><li>Only organisation-approved portable storage devices should be permitted.</li><li>An inventory of approved devices should be maintained and linked to specific users or departments.</li></ul></li><li>Apply Practical Safeguards<ul><li>Access Control: Devices should require user authentication (e.g. password protection).</li><li>Encryption: Data on portable devices should be encrypted using hardware-encrypted drives or software tools such as BitLocker To Go or VeraCrypt.</li><li>Read-OnlyMode: Devices used for distribution (e.g. software updates) should be configured as read-only.</li><li>Malware Scanning: Devices should be scanned for malware before and after use.</li><li>Physical Security: Devices should be stored securely (e.g. in locked drawers or cabinets) when not in use.</li></ul></li><li>Monitor and Log Usage<ul><li>On managed systems, USB device connections and file transfers should be logged using endpoint manage- ment tools.</li><li>Logs should be reviewed periodically to detect unauthorised use or anomalies.</li></ul></li><li>Examples<ul><li>Afield technician should use a company-issued, encrypted USB drive to collect data from remote sensors. The drive should be scanned before and after use, and data should be uploaded to a secure server upon return.</li><li>A marketing team should use a read-only USB stick to distribute promotional materials at a trade show, thereby preventing any data from being copied back onto the device.</li></ul></li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to reduce the risk of data leakage, unauthorised access, and malware introduction by defining and enforcing clear policies and safeguards for the use of portable storage media. To achieve this goal, the organisation should: • Define and Communicate Policy o A documented policy on acceptable use of portable storage devices (e.g. USB drives, SD cards, external hard disks) should be established. o The policyshould be communicated during onboarding and reinforced through regularsecurityawareness training. • Control Device Usage o Only organisation-approved portable storage devices should be permitted. o An inventory of approved devices should be maintained and linked to specific users or departments. • Apply Practical Safeguards o Access Control: Devices should require user authentication (e.g. password protection). o Encryption: Data on portable devices should be encrypted using hardware-encrypted drives or software tools such as BitLocker To Go or VeraCrypt. o Read-OnlyMode: Devices used for distribution (e.g. software updates) should be configured as read-only. o Malware Scanning: Devices should be scanned for malware before and after use. o Physical Security: Devices should be stored securely (e.g. in locked drawers or cabinets) when not in use. • Monitor and Log Usage o On managed systems, USB device connections and file transfers should be logged using endpoint manage- ment tools. o Logs should be reviewed periodically to detect unauthorised use or anomalies. • Examples o Afield technician should use a company-issued, encrypted USB drive to collect data from remote sensors. The drive should be scanned before and after use, and data should be uploaded to a secure server upon return. o A marketing team should use a read-only USB stick to distribute promotional materials at a trade show, thereby preventing any data from being copied back onto the device. |
|
A general note, for any purpose. |
The goal of this control is to reduce the risk of data leakage, unauthorised access, and malware introduction by defining and enforcing clear policies and safeguards for the use of portable storage media. To achieve this goal, the organisation should: - Define and Communicate Policy - A documented policy on acceptable use of portable storage devices (e.g. USB drives, SD cards, external hard disks) should be established. - The policyshould be communicated during onboarding and reinforced through regularsecurityawareness training. - Control Device Usage - Only organisation-approved portable storage devices should be permitted. - An inventory of approved devices should be maintained and linked to specific users or departments. - Apply Practical Safeguards - Access Control: Devices should require user authentication (e.g. password protection). - Encryption: Data on portable devices should be encrypted using hardware-encrypted drives or software tools such as BitLocker To Go or VeraCrypt. - Read-OnlyMode: Devices used for distribution (e.g. software updates) should be configured as read-only. - Malware Scanning: Devices should be scanned for malware before and after use. - Physical Security: Devices should be stored securely (e.g. in locked drawers or cabinets) when not in use. - Monitor and Log Usage - On managed systems, USB device connections and file transfers should be logged using endpoint manage- ment tools. - Logs should be reviewed periodically to detect unauthorised use or anomalies. - Examples - Afield technician should use a company-issued, encrypted USB drive to collect data from remote sensors. The drive should be scanned before and after use, and data should be uploaded to a secure server upon return. - A marketing team should use a read-only USB stick to distribute promotional materials at a trade show, thereby preventing any data from being copied back onto the device. |
|
A general note, for any purpose. |
The goal of this control is to reduce the risk of data leakage, unauthorised access, and malware introduction by defining and enforcing clear policies and safeguards for the use of portable storage media. To achieve this goal, the organisation should: - Define and Communicate Policy - A documented policy on acceptable use of portable storage devices (e.g. USB drives, SD cards, external hard disks) should be established. - The policyshould be communicated during onboarding and reinforced through regularsecurityawareness training. - Control Device Usage - Only organisation-approved portable storage devices should be permitted. - An inventory of approved devices should be maintained and linked to specific users or departments. - Apply Practical Safeguards - Access Control: Devices should require user authentication (e.g. password protection). - Encryption: Data on portable devices should be encrypted using hardware-encrypted drives or software tools such as BitLocker To Go or VeraCrypt. - Read-OnlyMode: Devices used for distribution (e.g. software updates) should be configured as read-only. - Malware Scanning: Devices should be scanned for malware before and after use. - Physical Security: Devices should be stored securely (e.g. in locked drawers or cabinets) when not in use. - Monitor and Log Usage - On managed systems, USB device connections and file transfers should be logged using endpoint manage- ment tools. - Logs should be reviewed periodically to detect unauthorised use or anomalies. - Examples - Afield technician should use a company-issued, encrypted USB drive to collect data from remote sensors. The drive should be scanned before and after use, and data should be uploaded to a secure server upon return. - A marketing team should use a read-only USB stick to distribute promotional materials at a trade show, thereby preventing any data from being copied back onto the device. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.DS-01.4 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Portable storage media policy |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall define and enforce clear policies and practical safeguards to manage and restrict the use of portable storage media, in order to reduce the risk of data leakage, unauthorised access, and malware introduction. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
19 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 21 of 21
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1