IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Hardware & Software Remarks
____________________________________________________________________ .........................................
S 4.12 Disabling of unneeded user facilities
Initiation responsibility: Agency/company management; PBX officer;
IT Security Management
Implementation responsibility: Administrators
The scope of available user facilities should be confined to the required
minimum. Where possible, the software for features not required should be
removed from the installation. Since this often cannot be done, the only choice
is to disable these user facilities. From time to time it should be checked
whether these user facilities are actually de-activated.
Additional controls:
- Is the actual need for approved user facilities being checked?
- Is de-activation ensured of those user facilities which are not used and thus
are obviously not required?
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000