Risk Level: Medium Risk
-
Multi-factor authentication on Servers and Applications
—
by
Utilize multi-factor authentication for remote interactive user and administrator logins
-
Data inventory
—
by
Create and maintain an information inventory that includes classification level, information owner, and users with access.
-
Protect paper documents
—
by
Lock hard copy information records in a file cabinet within a locked office.
-
Physical security of storage
—
by
Restrict physical access to any storage facility that contains physical media with this level of information. Only authorized individuals may have access either through a physical or electronic key.
-
Traveling with Media
—
by
Plan ahead to keep paper research data and forms (e.g., field notes, observations, interviews, informed consents) secure while traveling abroad.