2. Without the aid of metal detectors and full body searches, it is unlikely that you’ll be able to completely ban or prevent the use of portable storage devices within your organisation, especially as more and more employees work from increasingly disparate locations. A key element of any security policy should therefore be to protect the data on those devices, and to state that only password-protected USB devices should ever be used to store corporate data.
3. No computer or tablet that has not been ‘locked down’ by IT should ever be connected to the corporate network, either from inside (fixed line or BYOD) or outside (VPN or VDI). Equally, though, your security policy needs to actually enable your business. To accomplish this without causing a lot of user frustration, consider allocating employees a corporate computer for use inside the network and an IT-secured USB device for outside.