Our Partners close more business.
Use these powerful resources to win more business, faster, with less effort.
Call 877-411-2220 x121 for personal support with any opportunity.
RESET SEARCH
Hosting Quote Estimator
GET a FREE Sandbox or Trial Environment NOW
How To Use This Tool:
To find answers to common RFP and RFI questions, select a tag, or, search for terms like "security", "performance", etc. You will find common questions and answers grouped together in one record. Follow the tag links to refine your search. Supporting downloads and documentation are available, below.
Please login to obtain download access to additional supporting documentation. Registered users can also contribute to the database. You can request access by Contacting Us.
Supporting Documents
Please note that assets with generic thumbnail require login for access. If you require access please Contact Us.
© Omegabit LLC, 2023
Enter a Search Phrase or Select a Tag
Content with tag media policy .
Media Policy and Procedures
Q:
Do you have formal policy and procedures which document your media protection controls?
Do you use removable media for storing and processing client related data? If yes, do you mark each removable media in a manner indicating the distribution limitations, handling requirements, and applicable security markings of the information? Removable information system media include both digital media (e.g., diskettes, magnetic tapes, external/removable hard drives, flash/thumb drives, compact disks, digital video disks) and non-digital media (e.g., paper, microfilm).
Do you encrypt digital media or mobile devices (e.g., tapes, external/removable hard drives, CDs, DVDs, flash/thumb drives, laptops, tablets and etc.) containing Federal Reserve related data?
A:
Classification and handling varies by Client requirements. However, as it relates to the transmission of PII or other sensitive data, strong, modern cipher-based encryption is employed, and only using methods and under circumstances explicitly authorized by the Client. All physical media is labeled (except where intentionally obfuscated), serialized, and traceable. Electronic transmission is preferred.
Only when requested and approved by the Client and confirmed to be commensurate with operating restrictions and audit controls stipulated by the Client for specifically authorized individuals.
N/A; per Client requirements is supported.
Media Policy - Security and Restrictions
Q:
Do you have secure media transport policy and procedures?
Do you have media (both digital and non-digital) re-use, destruction and disposal policy and procedures?
Do you use mobile device? If yes, do you have a policy on mobile use, and can you remote wipe devices?
Do you restrict the use of unapproved external media attaching to organizational systems and network?
A:
ref: Omegabit IT Security document TOC, Part 1, Section 5 and 6
Yes, per NIST 800-88 r1 standards using certified commercial providers and documentation.
Yes. All mobile communications take place via secure channels and sensitive information is stored in encrypted format. Most sensitive information is intentionally centralized on secure servers. All mobile device data is encrypted. Devices are wiped or physically destroyed before retirement or change of ownership using industry-approved sanitization methods. Mobile devices with access to sensitive information can be remotely wiped.
Yes, Omegabit follows strict policies concerning the introduction of unauthorized hardware, and also operates using encryption and remote access standards and controls that pre-assume that every human-accessible node not protected by secure facilities controls (e.g., regular office and admin workstations), are at risk to all network entities, and are hardened by default as if operating on an uncontrolled public network; meaning, not even internal LAN network communications are considered "trusted" except under the cloak of encrypted channels, systemically. The exception is with cloud infrastructure that is intentionally configured for clear-channel communications between localized and otherwise hardened and protected nodes via dedicated isolated linkages, for performance (e.g. VMWare control and HA communications).