Memory Stick

Confidential data stored on a memory stick must be encrypted.

Use one of the following methods:

1) Use secure memory sticks with built-in encryption.
IT Services recommends a device certified to the CESG CAPS or FIPS140-2 cryptographic standards such as the SafeXsFIPS. This is also a requirement laid down in the NHS e-Health directive.

2) Use standard memory sticks, along with TrueCrypt encryption software.

Installing TrueCrypt
Preparing an Encrypted USB Flash drive for use with TrueCrypt
Using a TrueCrypt Encrypted USB Flash Drive

The advantage of

1) is in simplicity of use but these devices are much more expensive than ordinary memory sticks. By contrast,

2) does not have any direct cost as the software is free, but it is necessary to become familiar with the software and use it correctly at all times.

Site tools

IT Services: Information Security

Memory Stick