For the handling use, storage, transport and disposal of information:
- Use proportionate good practice precautions against accidental or opportunistic compromise.
- Control access to sensitive assets through local business processes and dispose of with care to make reconstitution unlikely.
If you need to move assets by post or courier…
- Include the return address.
- Never mark the security classification on the envelope.
- Consider double envelope for sensitive assets.
- Consider using registered Royal Mail service or reputable commercial courier’s “track and trace” service.
If you need to move assets/data by removable media…
- The use of removable media will be minimised; other approved information exchange mechanisms should be used where available in preference.
- Any information moved to or transferred by removable media must be minimised to the extent required to support the business requirement.
- Consider appropriate encryption to protect the content.
