IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

S 2.116 Regulated use of communications facilities<br />

Initiation responsibility: <strong>IT</strong> Security Management<br />

Implementation responsibility: Administrators , Telecommuters<br />

All telecommuting computers are equipped with electronic communications<br />

facilities. From the point of view of <strong>IT</strong> security, guidelines concerning the use<br />

of these communications facilities need to be prepared. <strong>The</strong> use of these<br />

facilities for private purposes should generally be prohibited.<br />

At least the following issues should be clarified:<br />

- Monitoring of data flow:<br />

- Which services may be used for data transmission?<br />

- Which services must be barred explicitly from use?<br />

- Which information may be sent to which persons?<br />

- Which written correspondence may take place via E-mail?<br />

- If the telecommuting computer possesses a fax modem, or if a fax<br />

machine is available at the telecommuting workstation, clarification<br />

is required as to which information may be transferred to whom via<br />

fax.<br />

- Which information must be approved by the institution before it can<br />

be transmitted electronically?<br />

- <strong>Information</strong> acquisition:<br />

- Which electronic services (database queries, electronic searches)<br />

may be made use of from telecommuting computers? For example,<br />

query patterns can serve as a basis for inferring corporate strategy.<br />

- Which budget is available for electronic services?<br />

- <strong>IT</strong> security measures:<br />

- Which data require which type of encryption?<br />

- Which data should be deleted after successful transmission. This<br />

might apply to person- related data, for example.<br />

- Which data should be backed up on the telecommuting computer<br />

even after it has been transmitted successfully?<br />

- Are data scanned for viruses before dispatch or after receipt?<br />

- Which data transmissions should be registered in a log? If automatic<br />

logging is not possible, a clarification is required as to whether and<br />

to what extent manual logging must be performed.<br />

- Internet usage:<br />

- Is the usage of Internet services prohibited in general?<br />

- Which type of data may be downloaded from the Internet? Data<br />

downloaded from extraneous servers might harbour the threat of<br />

computer viruses.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!