Re: A good start
I'd like my fridge to be able to import my CA certificates, so I can inspect its SSL traffic to and from the supermarket.
10 publicly visible posts • joined 4 Dec 2009
Not only protects complete hard drive encryption everything stored on it from nosy outsiders, it also prevents them from adding nasty stuff to your OS, using WinPE or Knoppix. So besides confidentiality, it also adds protection to the integrity of your systems.
After that, go for a policy that forces the encryption of everything that is copied from a company computer to any USB stick.
After that go for DLP to protect from confidential being data sent out to websites, e-mail addresses or over IM. Or you begin with that.