Media Protection

Protect system media containing CUI by implementing physical and digital safeguards against unauthorized access, damage, and theft.

Limit access to CUI on system media by restricting it to authorized users with a documented business need.

Sanitize or destroy media containing CUI before disposal or reuse to prevent unauthorized recovery of sensitive data.

Mark media with CUI indicators and distribution limitations to identify sensitivity and control distribution.

Control access to media containing CUI during transport and maintain accountability through documented transfer procedures.

Implement cryptographic mechanisms to protect CUI on portable storage devices such as external drives and USB sticks.

Control the use of removable media on system components to prevent unauthorized data transfer or loss of CUI.

Prohibit the use of portable storage without identifiable owner to prevent unauthorized data transfer and ensure accountability.

Protect CUI at backup storage locations with the same controls as primary storage to prevent data loss or unauthorized access.