• F&A Home
• Search
• A-Z Index
• Directories
• MyRIT

• Students
• Faculty & Staff
• Systems Administrators Resources

• Resources
• Alerts/Advisories
• Digital Self Defense
• Safe Practices
• Projects & Services
• Standards & Policies
• Forms
• About Us/Contacts

Portable Media Security Standard

• Plain English Guide
• Standard
• Approved Encryption
• Approved Portable Media

Portable media such as USB keys, flash memory, CDs/DVDs, and tapes are or are becoming a crucial part of daily business at RIT for many faculty and staff. These devices allow users to transfer and store large amounts of information easily and the use of USB keys is becoming ubiquitous at RIT.

Should I use Portable Media to transfer or store RIT Confidential information?

Unfortunately, portable media is not always designed with security in mind and are not as secure as most desktop computers. There are a number of ways in which information may be breached:

• Theft or loss of the media
• Unauthorized access

Because portable media may be more easily stolen or compromised, users must take necessary precautions when using it to transfer or store RIT Confidential information. Any portable media that stores sensitive information must be capable of being configured to ensure appropriate protection.

Approved Encryption

The RIT Information Security Office requires 128-bit or 256-bit AES encryption to protect RIT Confidential information when transferred or stored on portable media.

Approved Portable Media (updated 6/18/2009)

When handling RIT Confidential information, you should use only portable media that provides an approved encryption level.

USB Memory/flash drives

Recommended

• IronKey
• Stealth MXP™ (biometric capable)
• Stealth MXP™ Passport

Acceptable

• Lexar JumpDrive Lightning
• Lexar JumpDrive Secure 2 Plus
• Kanguru Defender
• Kanguru Defender Pro
• Kanguru Bio AES
• KanguruMicro Drive AES
• Kingston Data Traveler BlackBox
• Kingston Data Traveler Vault – Privacy Edition
• McAfee Zero-footprint Bio FIPS
• SanDisk Cruzer Enterprise

Secure Option for External Backups
MXI Outbacker MXP Bio (External HDD)

Additional Solutions

TrueCrypt Software using AES (An additional option is to use XTS cascade mode - AES-XTS, Serpent-XTS, TwoFish-XTS. Cascading is optional in any combination.)

Unacceptable

• USB memory that doesn't include encryption

Encryption of Tapes, CD’s, DVD’s, Removable Hard Drives, and Other Portable Media

Please contact Paul Lepkowski, RIT Security Engineer, for recommended encryption methods.

3rd Party Encryption Products

The RIT Information Security Office requires 128-bit or 256-bit AES encryption to protect RIT Confidential information when transferred or stored on portable media.

Last Modified: 09.28.2009 Copyright © 2000 - 2009 Rochester Institute of Technology Contact Webmaster Privacy Statement