IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue Infrastucture Remarks<br />

____________________________________________________________________ .........................................<br />

S 1.32 Adequate siting of the consoles, devices with<br />

exchangeable data media, and printers<br />

Initiation responsibility: Head of <strong>IT</strong> Section: PBX officer; <strong>IT</strong> Security<br />

Management<br />

Implementation responsibility: Administrators<br />

This measure serves to protect the interfaces of an <strong>IT</strong> system against external<br />

factors in order to meet the security requirements, also in these cases, as<br />

regards stored and processed data, which are ensured within the <strong>IT</strong> system by<br />

the internal security mechanisms and by measures taken in the<br />

hardware/software field. <strong>Protection</strong> against unauthorised reading of information,<br />

which within the system is ensured by access control mechanisms,<br />

must, at these interfaces, be provided primarily by infrastructure or<br />

organisational measures.<br />

In order to prevent manipulation of the console, of devices with exchangeable<br />

data media and of printers, these must be installed in locations which can be<br />

accessed by authorised persons only.<br />

In particular, the following provisions apply:<br />

- In the case of UNIX systems, unauthorised persons must not be given<br />

access to the console since they might boot the UNIX computer in singleuser<br />

mode or activate the hardware monitor and thus acquire system<br />

administrator rights.<br />

- It must be ensured that devices for exchangeable data media - such as<br />

streamers, floppy disk drives, removable disks - do not allow illicit import<br />

or reading out of files.<br />

- Only authorised persons may have access to rooms with printers/print-outs.<br />

This can be achieved, for instance, by locating printers in a locked room<br />

and by having print-outs distributed by a trustworthy person to pigeonholes<br />

which can be accessed only by the intended recipients. <strong>The</strong>refore, the<br />

names of the recipients must be indicated on print-outs. This can be done<br />

automatically by means of print programs.<br />

This measure is complemented by the following:<br />

S 4.18 Administrative and technical means to control access to the systemmonitor<br />

and single-user mode<br />

S 4.21 Preventing unauthorised acquisition of administrator rights<br />

Additional controls:<br />

- Are the console, devices for exchangeable data media, and print-outs<br />

protected against unauthorised access?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!