IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Non-Networked Systems and Clients <strong>IT</strong>-Security Management<br />

_________________________________________________________________________________________<br />

Infrastructure:<br />

- S 1.29 (3) Adequate siting of an <strong>IT</strong> system (optional)<br />

Organisation:<br />

- S 2.3 (2) Data media control<br />

- S 2.4 (2) Maintenance/repair regulations<br />

- S 2.9 (2) Ban on using non-approved software<br />

- S 2.10 (2) Survey of the software held<br />

- S 2.13 (2) Correct disposal of resources requiring protection<br />

- S 2.22 (2) Escrow of passwords<br />

- S 2.23 (3) Issue of PC Use guidelines (optional)<br />

- S 2.24 (3) Introduction of a PC Checklist booklet (optional)<br />

- S 2.25 (1) Documentation on the system configuration<br />

- S 2.26 (1) Designation of an Administrator and his deputy (optional)<br />

- S 2.30 (2) Provisions governing the configuration of users and user groups (optional)<br />

- S 2.31 (2) Documentation on authorised users and on rights profiles (optional)<br />

- S 2.32 (2) Establishment of a restricted user environment (optional)<br />

- S 2.34 (2) Documentation on changes made to an existing <strong>IT</strong> system (optional)<br />

- S 2.35 (2) Obtaining information on security weaknesses of the system<br />

Personnel:<br />

- S 3.4 (1) Training before actual use of a program<br />

- S 3.5 (1) Education on <strong>IT</strong> security measures<br />

- S 3.10 (1) Selection of a trustworthy administrator and a substitute (optional)<br />

- S 3.11 (1) Training of maintenance and administration staff (optional)<br />

Hardware & Software:<br />

- S 4.1 (1) Password protection for <strong>IT</strong> systems<br />

- S 4.2 (1) Screen lock<br />

- S 4.3 (2) Periodic runs of a virus detection program<br />

- S 4.4 (3) Locking of floppy-disk drive slots (optional)<br />

- S 4.15 (2) Secure log-in<br />

- S 4.17 (2) Blocking and erasure of unneeded accounts and terminals<br />

- S 4.30 (2) Utilisation of the security functions offered in application programs (optional)<br />

- S 4.44 (2) Checking of incoming data for macro viruses<br />

- S 4.48 (1) Password protection under Windows NT<br />

- S 4.49 (1) Safeguarding the boot-up procedure for a Windows NT system<br />

- S 4.50 (2) Structured system administration under Windows NT (optional)<br />

_________________________________________________________________________________________<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Otober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!