IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 2.7 Unauthorised use of rights
Rights of admission and of access to hardware and software are applied as
organisational measures to ensure secure and proper use of IT systems and
processes. If such rights are granted to the wrong person, or if a right is
abused, the result may be a variety of hazards which can impair the confidentiality
and integrity of data or the availability of computer performance.
Example:
During the absence of the archive keeper, a work scheduler who is not
authorised to have access to the data medium archives takes some magnetic
tapes for the purpose of making backup copies. Due to such uncontrolled
removal of media, the inventory list of the data medium archives is not
updated, and the tapes cannot be located during this period.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000