IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 3.13 Transfer of incorrect or undesired data
records
It is possible that data media intended for dispatch might contain data from
earlier transactions not meant for disclosure to the recipient. If this data is not
physically and intentionally deleted, it will be possible for the recipient to
view it.
If the data to be transferred is located within a directory containing additional
data requiring protection, there is the danger that they will be transferred
inadvertently to the data medium as well (e.g. by copy *.*) and become
accessible to the (unauthorised) recipients.
If data records have to be sent directly via data networks instead of ‘storage’
media (e-mail via the Internet, modem links, Intranets, X400 service),
communication programs offer the possibility to use short descriptions for
complex address and distribution lists for multiple dispatch. If such
distribution lists are not kept centrally or not updated at regular intervals, data
records might be sent to addresses of persons who are no longer authorised.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000