Read this whole guide offline with no ads, for a low price!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 3:  Infrastructure Security (Domain 3.0; 20%)
      9  3.2  Media

Previous Topic/Section
3.2.3  Fiber
Previous Page
Pages in Current Topic/Section
1
Next Page
3.2.4.1  Tape
Next Topic/Section

3.2.4  Removable Media

Removable media refers to data storage media that is somewhat portable, that is, it is not permanently fixed to a server or workstation. Removable media is often used for data transfer between systems, software or database product distribution, and off-site backups. In this section, we discuss various types of removable media including tape, CDR, hard drives, diskettes, flash memory cards and smart cards.

Security Issues with Removable Media

Security considerations to keep in mind, in the area of removable media, include the following:

  • It enables data to be transported outside your physical network, without being filtered through a device like an internet gateway, possibly allowing unauthorized removal of data from the site.

  • It is used to store data securely, for disaster recovery backup and archival purposes, with the expectation that the data can be retrieved from the media at a later date, if needed, so you should consider the life of the media, and the ease with which data can be restored.

  • Destruction of data on removable media, to ensure that no data can be retrieved off the media in the future, can be a challenge

Depending on your OS, the OS may “helpfully” decrypt data stored on an encrypted file system, when writing to removable media – without notifying you of the decryption

On the subject of data storage, depending on your security requirements, you may opt to encrypt data on removable media so that even if it is lost or stolen, unauthorized personnel still cannot read it.

Removable? Encrypt It!

Removable media is portable – which means that the data on it is portable also. Generally anyone with access to the physical media can read the data on it. If the data is confidential, make sure it is encrypted on the media so that even if the media is lost or stolen, the data cannot be obtained.

When using removable media for backup/archival, be sure that you are using media with a “life” long enough for your purposes, or that you have a plan to periodically restore archived data and re-write it on new removable media.

Also, when dealing with backup/archival, make sure that you regularly test the “restore” process, to make sure that you can read the data off the removable media, back on to the system.

Finally, it can be difficult to completely destroy data stored on removable media (or any media whatsoever), so care must be taken when disposing of it.


Quick navigation to subsections and regular topics in this section



Previous Topic/Section
3.2.3  Fiber
Previous Page
Pages in Current Topic/Section
1
Next Page
3.2.4.1  Tape
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.