Only approved USB keys will be allowed, and the department is acquiring a large number of encrypted USB keys. As a result, portable hard drives are no longer allowed to be plugged into the network, nor are personal devices that use a USB connection. We are monitoring the network and accessing the network on a regular basis and moving to ensure that none of these devices are connected, which is a big step in preventing the movement of data off of the network, which is encrypted.
The other significant measure is the implementation of the data loss protection software. This will tell us exactly what sensitive information is on the network, where it is, and how it's stored, and it will allow us to take appropriate measures to make sure it's secure.
I repeat, the network is encrypted. It will also allow us to deal with the movement of the data. We can control or prevent the movement of data once this software is in place. These are very important measures that we're taking in response to the incident.