IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

- With regard to data preservation, files to be deleted after<br />

compression must only be deleted by the compression program if<br />

compression has been performed successfully.<br />

- Before a file is decompressed, its integrity must be checked so that<br />

bit errors in the compressed file can be detected, for example.<br />

Desirable security features:<br />

- Password protection of compressed files<br />

Appointment calendar:<br />

Necessary security features:<br />

- Reliable identification and authentication of the users must take<br />

place, e.g. using passwords.<br />

- Access control for the appointment calendars of the various<br />

employees is required.<br />

- It must be possible to assign separate access rights for individuals,<br />

groups and superiors.<br />

- It must be possible to differentiate between read and write access.<br />

Desirable security features:<br />

- Automatic backup of data in an encrypted form should be possible.<br />

Travel expenses calculation system:<br />

Necessary security features:<br />

- Reliable identification and authentication of the users must take<br />

place, e.g. using passwords.<br />

- Access control must be in place and available for individual data<br />

records.<br />

- It must be possible to assign separate access rights for the user,<br />

administrator, auditor, and data privacy officer. It must be possible<br />

to separate the functions of administrator and auditor.<br />

- Data backups must be performed in such a way that they are stored<br />

in an encrypted form and can only be accessed by authorised<br />

persons.<br />

- Detailed logging functions must be in place.<br />

Desirable security features:<br />

- An optional integrity check for payment-related data should be<br />

available.<br />

Example of an assessment scale:<br />

A specialist department intends to purchase a compression program for data<br />

backup purposes. After a Requirements Catalogue has been drawn up, the<br />

features specified in the catalogue could be assessed as follows:<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!