[unisog] Sensitive Information Form for Stolen Computers for Campus Officer use?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Tue Sep 23 00:55:09 GMT 2008
On Mon, 22 Sep 2008 14:47:44 PDT, Kim Cary said:
> I'm looking for one that you and your campus enforcement authorities
> feel good about, which details sensitive information lost with the
> computer (or certifies that none was lost). The idea is that the
> officer taking the report could required the reporting party to fill
> this out as part of the investigation. I'd like to not reinvent the
> wheel from scratch.
One case to allow for: that the user may not have any *clue* what sensitive
information was on the computer. Yes, I know it means that you need to
already have had failures in both user education and data stewardship/tracking,
but let's face it - we wouldn't even need such a form if we were perfect at
those two ("Oh, we lost machine prod-23a? That had databases X, Y, and Z on
it...")
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.sans.org/pipermail/unisog/attachments/20080922/d31af8ec/attachment.bin
More information about the unisog
mailing list