I know of one company that sent a supposedly wiped disk to a police force who later discovered evidence of a previous case. If someone needs a drive to put evidence onto they get a new one shipped direct from the supplier.
If IIoC has ever been on a drive then it is marked as such and when it is retired it is destroyed.
I rarely need to send a drive with any sort of evidence to a third party - and the overhead to encrypt the data using TrueCrypt at this stage has never been an issue.
I do think managing risk is an important part of what we do, but don't (for a smaller company) see the need to encrypt every disk, just in case. If you feel a drive can inadvertently leave the lab then perhaps your procedures need revisiting.