The Center for Internet Security Controls or CISControls have become an industry standard to help businesses and organizations of all sizes to maintain an industry standard of Cybersecurity controls.

Safeguard 3.9 continues the conversation Encryption we started in Safeguard 3.6 and requires all removable media to be encrypted. That is any USB drive, flash media, external backup tapes, or other removable media to be encrypted.

While Safeguard 3.9 is only required for Implementation Groups 2 and 3 it should be strongly considered as part of your implementation for your security foundation, as it is one of the easiest methods of ensuring data security on removable media.

Some organizations will document procedures banning the use of external media and that's a solid policy, but as we have moved to the modern workplace of home and the office the need for these devices has grown. Even Road Warriers may need their use to drop a Powerpoint to the A/V team in order to give their presentation.

With how small they have become and the ease of loss, even with the best policy, implementation Safeguard 3.9 is a great step to securing your data.

Join the conversation - https://www.linkedin.com/posts/scottintech_ciscontrols-cybersecurity-encryption-activity-7086749329364762625-8fkb?utm_source=share&utm_medium=member_desktop