IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

S 2.45 Controlling the exchange of data media<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security Management<br />

Implementation responsibility: <strong>IT</strong> users, Mailroom<br />

If data media are to be exchanged between two or more communication<br />

partners, the following items should be observed to ensure proper exchange:<br />

- Addressing must be clear so as to preclude incorrect delivery. In this<br />

context, the recipient's name should be supplemented by the relevant<br />

department and the precise designation of the agency/company. <strong>The</strong> same<br />

applies to the address of the sender.<br />

- <strong>The</strong> data medium should be accompanied by a slip containing the<br />

following information (optional):<br />

- Sender<br />

- Recipient<br />

- Type of data medium<br />

- Serial number (if present)<br />

- Identification of the contents of the data medium<br />

- <strong>The</strong> date of dispatch and, if applicable, the latest date by which the<br />

storage medium should reach the recipient<br />

- A note that the data medium has been scanned for viruses<br />

- Parameters required for reading the information, e.g. tape speed<br />

<strong>The</strong> following items should not be indicated:<br />

- Passwords allocated to classified information<br />

- Encryption keys used for encrypting information<br />

- Contents of the data medium<br />

- <strong>The</strong> dispatch of the data medium can be documented optionally. In this<br />

case, every file transfer, together with the contents and recipient of the<br />

information, is registered in a log. Depending on the protection<br />

requirement or importance of the transferred information, its receipt should<br />

be acknowledged and an acknowledgement statement added to the<br />

aforementioned record.<br />

- Persons responsible for dispatch and receipt should be designated<br />

- <strong>The</strong> type of dispatch is to be specified<br />

Additional controls:<br />

- Do regulations on the procedure of exchanging data media exist?<br />

- Are the persons responsible for the exchange of data media sufficiently<br />

aware of the potential threats involved?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!