IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
S 2.55 Use of a security code
Initiation responsibility: IT Security Management
Implementation responsibility: IT-user
For answering machines with a remote-inquiry unit and a security code, the
remote-inquiry function should preferably be activated only by means of an
individually selected, secret code. In particular, any factory codes should be
altered. The security code should be deposited in the same way as a password
(c.f. S 2.22 Depositing of passwords) and altered on a regular basis.
When operating answering machines with a remote-inquiry unit, care should
be taken to prevent entry of the code from being heard or viewed by any
strangers present in the vicinity.
Additional controls:
- Have users been instructed on correct handling of the remote-inquiry unit?
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000