IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Communications Remarks<br />

____________________________________________________________________ .........................................<br />

System data:<br />

On the network server: medium-level confidentiality (passwords are<br />

stored in the encrypted form)<br />

On PC's: Not confidential<br />

Application data:<br />

Files of written correspondence: Individual files are of medium-level<br />

confidentiality; all the data together are of high-level confidentiality<br />

Customer database: High-level confidentiality<br />

Protocol data:<br />

High-level confidentiality (data disclosing personality profiles)<br />

Integrity requirements<br />

Data backups must ensure that data are stored integrally and not modified<br />

during the period of storage. <strong>The</strong> importance of this increases with the<br />

integrity requirements of the data in question. <strong>The</strong> integrity requirements of<br />

the data to be backed up must therefore be stated.<br />

Sample result 9: Integrity requirements<br />

Software: <strong>The</strong> software must meet high integrity requirements<br />

System data:<br />

On the network server: High-level integrity requirements (due to<br />

rights administration)<br />

On PC's: High-level integrity requirements<br />

Application data:<br />

Files of written correspondence: Individual files have medium-level<br />

integrity requirements<br />

Customer database: High-level integrity requirements<br />

Protocol data:<br />

Before evaluation, these data have high-level integrity requirements;<br />

following evaluation, the data still requiring storage have mediumlevel<br />

integrity requirements<br />

Knowledge and data-processing competence of <strong>IT</strong> users<br />

To determine whether <strong>IT</strong> users, specially appointed employees or the system<br />

administrators are to carry out data backups, the knowledge and data<br />

processing capabilities of <strong>IT</strong> users as well as the tools available to them must<br />

be given primary consideration. If the time required by <strong>IT</strong> users for carrying<br />

out data backups is too long, this should be stated.<br />

Sample result 10: Knowledge<br />

Network administrators possess sufficient knowledge to carry out data<br />

backups on network servers. <strong>IT</strong> users of PC's possess sufficient knowledge<br />

and competence to independently perform backups of the PC system data.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!