Information Handling Best Practice

All users are responsible for safeguarding and monitoring sensitive data against unauthorized disclosure, modification, and destruction. Sensitive data may be used only for KCTCS-related business in accordance with its policies and standards. A wide variety of third parties have entrusted their sensitive data to KCTCS for business purposes, and all employees should safeguard the privacy and security of this information.

KCTCS ensures that sensitive data is properly handled, whether being transmitted within the organization or to a trusted external third party. This document provides guidance on how to handle sensitive data, including the physical security requirements and the distribution of sensitive data internally and externally.

Sensitive Data Storage

All documents containing sensitive data should be stored appropriately to reduce the potential for disclosure. Documents should not be easily accessible to unauthorized individuals and any documents containing sensitive information should be placed with identifying information face down on counters and desks. These documents should not be left out on desks or countertops after business hours and should be placed in locked storage bins, locked desk drawers, or other secure areas.

Cardholder Information

Sensitive authentication data should not be stored after authorization, even if encrypted.

The full contents of the magnetic stripe located on the back of a card, or equivalent data contained on a chip (also called full track, track, track 1, track 2, and magnetic-stripe data), should never be stored. If required for normal business processes, the cardholder's name, primary account number (PAN), expiration date, and service code elements should be securely stored and transmitted according to the standards presented in PCI v3.0.

The card verification code or value (CVV, CID, CVV2), the three-digit or four-digit number printed on the front or back of a payment card and used to verify card-not-present transactions, should not be retained and needs to be destroyed immediately after processing the card transaction.

Personal identification numbers (PIN) or the encrypted PIN block should never be stored, written down, or shared with unauthorized individuals.

If cardholder data needs to be retained, the primary account number (PAN) should be rendered unreadable anywhere it is stored, including portable digital media, backup media, and logs.  PAN is expected to be rendered unreadable using one-way hashes based on strong cryptography, truncation, index tokens and pads, or strong cryptography with associated key-management processes and procedures.

The retention of sensitive data is encouraged across all affected hardware and software solutions that pass or store sensitive information. It is advised that data not be kept any longer than necessary for the purpose it serves.

Sensitive Data Storage on Laptops

In cases where sensitive data is managed or stored on laptops, the information should be encrypted. 

Sensitive Data Destruction

All media containing sensitive data including electronic, hardcopy, photocopy, etc., should be destroyed when it is no longer needed for business or legal reasons.

Electronic Media Destruction

Electronic storage media containing sensitive data, including hard disks, portable drives, tape media, and CD/DVDs, need to be rendered unrecoverable by secure wiping, degaussing, or physical destruction such as grinding or shredding hard disks, so that sensitive data cannot be reconstructed.

Hardcopy Media Destruction

All hardcopy materials containing sensitive data that are generated in the course of copying, printing, or other sensitive information handling should be destroyed by shredding, incineration, or pulping processes so that sensitive data cannot be reconstructed.

Storage Media

Strict controls are in place to limit the accessibility of storage media containing sensitive data. All media containing sensitive data should be distributed in a secure manner both internally and externally.  If it is necessary to remove computer-readable sensitive information from the secure area, the information must be protected with encryption.

All storage media containing sensitive data should be physically secured at all times.

KCTCS applies data disk encryption so that hardware and electronic media can be removed safely and sensitive data stays secured when these items move into, out of, or within a facility.

If media is not inventoried, it is at risk of going unidentified in the event it is lost or stolen.

Displaying Sensitive Data

When the PAN is required to be displayed, it should be masked to only display the first six and last four digits of the PAN.

Transmission of Sensitive Data

Strong cryptography and security protocols should be used to safeguard sensitive data during transmission over open, public networks. Secure protocols such as SSL/TLS, IPSEC, SSH, etc. are the most effective means of transmitting and safeguarding sensitive data.

End-user messaging technologies including e-mail, instant messaging, chat, etc. should never be used to send an unprotected primary account number (PAN).

Safeguards for Documents

All documents containing sensitive data are expected to be stored appropriately to reduce the potential for disclosure.  Documents should not be easily accessible to unauthorized individuals and any documents containing sensitive information should be placed with identifying information face down on counters and desks. These documents should not be left out on desks or countertops after business hours and should be placed in locked storage bins, locked desk drawers, or other secure areas.

When discarding documents containing sensitive data, use a cross-cut shredder or place the document in a locked bin specifically designated as a shredding bin where the documents will be retrieved for shredding.