IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Communications Remarks<br />

____________________________________________________________________ .........................................<br />

- Backup copies should always be made of long-lived keys, for example<br />

keys that are used for the archiving of data or for generating session keys.<br />

Backing up encrypted data<br />

Particular care needs to be taken when backing up encrypted data or when<br />

using encryption during a backup procedure. If errors occur at such times, it<br />

usually means that all of the data will be unusable, not just a few records.<br />

<strong>The</strong> long-term storage of encrypted or signed data is associated with many<br />

additional problems. It is not only necessary to see to it that the data media are<br />

regularly refreshed and that the technical components for processing these<br />

media are available at all times, it must also be ensured that the cryptographic<br />

algorithms and the key lengths still represent the state of the art. As far as the<br />

long-term archiving of data is concerned, it may therefore make more sense to<br />

store the data unencrypted and instead store it in an appropriately secure<br />

location, for example in a safe.<br />

As a precaution, the crypto modules should always be archived because<br />

experience shows that even after a number of years data may crop up which<br />

has not been stored in the archive.<br />

Backing up the configuration data of the products used<br />

When using relatively complex crypto products, it is important not to forget to<br />

back up their configuration data (see also S 4.78 Careful modifications of<br />

configurations). Once chosen, the configuration should be documented so that<br />

it can be set up again quickly after a system failure of if reinstallation becomes<br />

necessary.<br />

Additional controls:<br />

- Are there any stipulations within the company or agency regarding the<br />

safekeeping of copies of keys?<br />

- How is it ensured that data stored in encrypted form can still be accessed<br />

even after a long period of time?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!