IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Other <strong>IT</strong> Components Standard-Software<br />

_________________________________________________________________________________________<br />

Organisation<br />

- S 2.22 (2) Escrow of passwords<br />

- S 2.25 (1) Documentation of the system configuration<br />

- S 2.31 (1) Documentation on authorised users and on rights profiles<br />

- S 2.34 (1) Documentation of changes made to an existing <strong>IT</strong> system<br />

- S 2.65 (2) Checking the efficiency of user separation on an <strong>IT</strong> System<br />

- S 2.80 (1) Drawing up a requirements catalogue for standard software<br />

- S 2.111 (2) Keeping manuals at hand<br />

- S 2.124 (1) Selection of suitable database software<br />

- S 2.125 (1) Installation and configuration of a database<br />

- S 2.126 (1) Creation of a database security concept<br />

- S 2.127 (2) Inference prevention<br />

- S 2.128 (1) Controlling access to a database system<br />

- S 2.129 (1) Controlling access to database information<br />

- S 2.130 (1) Ensuring the integrity of a database<br />

- S 2.131 (1) Separation of administrative tasks for database systems<br />

- S 2.132 (1) Rules for configuring database users / user groups<br />

- S 2.133 (2) Checking the log files of a database system<br />

- S 2.134 (2) Guidelines for database queries<br />

- S 2.135 (3) Save transfer of data to a database<br />

Personnel<br />

- S 3.4 (1) Training before actual use of a program<br />

- S 3.5 (1) Education on <strong>IT</strong> security measures<br />

- S 3.10 (1) Selection of a trustworthy administrator and his substitute<br />

- S 3.11 (1) Training of maintenance and administration staff<br />

- S 3.18 (2) Log-out obligation for PC users<br />

Hardware & Software<br />

- S 4.1 (1) Password protection for <strong>IT</strong> systems<br />

- S 4.7 (1) Change of preset passwords<br />

- S 4.67 (3) Locking and deleting database accounts which are no longer required<br />

- S 4.68 (1) Ensuring consistent database management<br />

- S 4.69 (2) Regular checks of database security<br />

- S 4.70 (3) Monitoring a database<br />

- S 4.71 (2) Restrictive utilisation of database links<br />

- S 4.72 (2) Database encryption (optional)<br />

_________________________________________________________________________________________<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Otober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!