IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Telecommunications Fax Servers<br />

_________________________________________________________________________________________<br />

Organisational Shortcomings<br />

- T 2.7 Unauthorised use of rights<br />

- T 2.9 Poor adjustment to changes in the use of <strong>IT</strong><br />

- T 2.22 Lack of evaluation of auditing data<br />

- T 2.63 Uncontrolled use of Faxes<br />

Human Failure<br />

- T 3.3 Non-compliance with <strong>IT</strong> security measures<br />

- T 3.14 Misjudgement of the legal force of a fax<br />

Technical Failure<br />

- T 4.15 Fax transmission errors<br />

- T 4.20 Data loss due to exhausted storage medium<br />

Deliberate Acts<br />

- T 5.2 Manipulation of data or software<br />

- T 5.7 Line tapping<br />

- T 5.9 Unauthorised use of <strong>IT</strong> systems<br />

- T 5.24 Replay of messages<br />

- T 5.25 Masquerading<br />

- T 5.27 Repudiation of a message<br />

- T 5.30 Unauthorised use of a fax machine or fax server<br />

- T 5.31 Unauthorised reading of fax transmissions<br />

- T 5.32 Evaluation of residual information in fax machines and fax servers<br />

- T 5.33 Impersonation of wrong sender on fax transmissions<br />

- T 5.35 Deliberate overload through fax transmissions<br />

- T 5.39 Infiltrating computer systems via communication cards<br />

- T 5.90 Manipulation of address books and distribution lists<br />

Recommended Countermeasures (S)<br />

For the implementation of <strong>IT</strong> baseline protection, selection of the required packages of safeguards<br />

("modules"), as described in Sections 2.3 and 2.4, is recommended.<br />

As a first step a comprehensive set of security guidelines for the fax server should be prepared (see<br />

S 2.178) and a suitable fax server should be procured (see S 2.181 Selection of a suitable fax server).<br />

<strong>The</strong>se should be used as the basis for developing appropriate procedures. Finally, Fax Officers should<br />

be appointed for the fax server (see S 3.10 Selection of a trustworthy administrator or deputy and<br />

S 2.180 Setting up a fax mail centre). Both the security guidelines and the procedures based on them<br />

and the appointment of Fax Officers should be effected in writing. <strong>The</strong>se specifications should then be<br />

implemented in the form of specific security measures. As well as secure operation of the fax server, it<br />

_________________________________________________________________________________________<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Otober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!