You work in the IT department of a medium-sized company. Confidential information has got into
the wrong hands several times. This has hurt the image of the company. You have been asked to
propose organizational security measures for laptops at your company. What is the first step that
you should take?

A.
Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)

B.
Appoint security personnel

C.
Encrypt the hard drives of laptops and USB sticks

D.
Set up an access control policy

Explanation: