Administrative Controls for Data Protection









               • Don’t use public wifi access


               • Avoid public or shared devices


               • Prohibit use of removable media whenever possible


               • Avoid printing to paper, shred if you must



               • Operate with a “clean desk”


               • Tell someone if data is leaked or lost


               • Use policies to document understanding from employees


               • Apply risk management to vendors and third parties


               • Routinely educate yourself and others about data security