19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


Non-Networked Systems and Clients IT-Security Management

_________________________________________________________________________________________

Infrastructure

- S 1.29 (3) Adequate siting of an IT system (optional)

Organisation

- S 2.3 (2) Data media control

- S 2.4 (2) Maintenance/repair regulations

- S 2.9 (2) Ban on the use of non-approved software

- S 2.10 (3) Survey of the software held

- S 2.13 (2) Correct disposal of resources requiring protection

- S 2.22 (2) Escrow of passwords

- S 2.25 (1) Documentation of the system configuration

- S 2.26 (1) Appointment of an administrator and his deputy

- S 2.30 (1) Provisions governing the configuration of users and of user groups

- S 2.31 (1) Documentation on authorised users and on rights profiles

- S 2.32 (2) Establishment of a restricted user environment

- S 2.33 (2) Division of Administrator roles under UNIX

- S 2.34 (1) Documentation of changes made to an existing IT system

- S 2.35 (1) Obtaining information on security weaknesses of the system

Personnel

- S 3.4 (1) Training before actual use of a program

- S 3.5 (1) Education on IT security measures

- S 3.10 (1) Selection of a trustworthy administrator and his substitute

- S 3.11 (1) Training of maintenance and administration staff

Hardware & Software

Access to the UNIX system

- S 4.2 (2) Screen lock

- S 4.7 (1) Change of preset passwords

- S 4.13 (1) Careful allocation of identifiers

- S 4.14 (1) Mandatory password protection under UNIX

- S 4.15 (2) Secure log-in

- S 4.16 (3) Restrictions on access to accounts and/or terminals

- S 4.17 (2) Blocking and deletion of unnecessary accounts and terminals

- S 4.18 (1) Administrative and technical means to control access to the system-monitor and single-user mode

- S 4.105 (1) Initial measures after a Unix standard installation

Allocation of attributes / Working with the UNIX system

_________________________________________________________________________________________

IT-Baseline Protection Manual: October 2000
