A reader asked me about OPSEC during the writing of a project report.
Well, first of all the way we work is by compartmentalizing the projects. If a member of the Team is not part of the project, he or she doesn't have to know about the project's details. We do this to prevent sesitive information from being leaked accidentally.
We also assign a codename to each customer and each project for that customer also gets a specific codename. This enables us to keep the projects and customer names on a need-to-know basis and ptotected. If we are with one customer and we need to discuss a specific project on the phone about another customer, we can do so safely by using the codenames. We don't tell our customers who our other customers are. We keep each customer secret and private.
On the hardware side, we try to minimize the use of paper. When possible no paper is used at all. If we need to print something, we lock the hard copies before leaving the desk.
The electronic copies of reports and other sensitive data is kept encrypted on site and off site as a backup.
I'm sure I'm forgetting something, but these are the basics.