Quote:
Originally Posted by Xaccers
They should not be, pure and simple.
Yes I've seen top secret documents strewn across desks while the occupant has been elsewhere, but everyone with access to that area had top secret access anyway so in theory were as trustworthy as the person who required the documents.
|
Documents Restricted or Secret must not be left out on desks whilst unattended, the reason is that Escorted visitors may not have the required level of clearance to view those documents.
All Restricted and Secret level documents should be locked away, also computers without suitable encryption should not contain any of these documents.
Th reason why breaches are made are often for very simple reasons. For example, I am not allowed to connect an unauthorised memory stick to a piece of equipment and copy files. The authorised memory sticks with encryption take 3 hours to backup some folders that take about 5 mins on an unencrypted stick.
I understand some people put them on an unencrypted stick, take them home and burn them on a CD. The CD can then be placed in a secure nachine and copied to he required location.
It's simple, measures are put in place to aid secuity but the impact in practice means people take more risks with data than if there was no security system in place to start with.
It's all about human nature!