A.10.8 Exchange of information

Objective: To maintain the security of information and software exchanged within an organization and with any external entity.

A.10.8.1 Information exchange policies and procedures

Control

Formal exchange policies, procedures, and controls shall be in place to protect the exchange of information through the use of all types of communication facilities.

A.10.8.2 Exchange agreements

Control

Agreements shall be established for the exchange of information and software betweenthe organization and external parties.

A.10.8.3 Physical media in transit

Control

Media containing information shall be protected against unauthorized access, misuse or corruption during transportation beyond an organization’s physical boundaries.

A.10.8.4 Electronic messaging

Control

Information involved in electronic messaging shall be appropriately protected.

A.10.8.5 Business information systems

Control

Policies and procedures shall be developed and implemented to protect information associated with the interconnection of business information systems.

 DES's award winning DESlock+ encryption software helps organisations and individuals to protect against all types of data breach by offering a simple, yet extremely powerful set encryption tools to protect data in transit and at rest. To meet the needs of Government and corporate bodies the DESlock+ software is certified in the UK by CESG - the UK national technical authority for information, assurance under its Claims Tested Mark (CCTM) scheme. DESlock+ also meets the rigorous FIPS-140-2 standard in the US and is validated by the National Institute of Standards and Technology (NIST). Available as DESlock Standard or DESlock PRO  

IronKey Enterprise secures data with always-on hardware encryption to meet compliance and data protection requirements.  All user data on an IronKey Enterprise drive is encrypted with high-speed, AES CBC-mode encryption. IronKey Enterprise is deployed quickly using the cloud-based IronKey Enterprise Management Service. Administrators are in full control of deployed devices and if needed can remotely disable devices and wipe data. IronKey Enterprise logs device use for reporting and compliance.

Encryption Partners

 Check Point have fully implemented the Point Sec product to their Full Disk Encryption range in order to offer security management and data protection.  FIPS-140-2 Certified

  CREDANT Technologies offers the flexibility to choose the encryption solution that best meets your data protection and compliance needs, delivering data encryption across any endpoint - desktops, laptops, handheld devices and removable media - including our patented, intelligent data encryption solutions as well as new hardware and software-based full-disk encryption offerings.  FIPS-140-2 Certified

Safend Encryptor enforces an enterprise wide encryption policy to protect the data stored on laptop and desktop hard disks, so that sensitive data cannot be read by unauthorized users in the case of loss or theft. Safend Encryptor utilizes Total Data Encryption technology that automatically encrypts all data files, while avoiding unnecessary encryption of the operating system and program files. This innovative concept minimizes the risk of operating system failure, and has a negligible performance impact. Leveraging this unique encryption technology, Safend Encryptor provides transparent hard disk encryption.