19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


Safeguard Catalogue - Organisation

S 2.122 Standard e-mail addresses

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrator, IT users

E-mail addresses should be allocated on the basis of clearly defined rules. In this context, it is advisable to base the nomenclature for personal e-mail addresses on the names of the users of the IT systems (e.g. e-mail address = first eight characters of the surname). User names on IT systems which can be accessed from outside the protected network should not be directly derivable from the e-mail addresses, in order to prevent intrusions into user accounts. It is important not to change addresses too frequently or make them too long and complicated. In particular, it must be ensured that non-ASCII characters such as mutated vowels (umlauts) are not used as part of e-mail addresses.
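One way to audit an address list against the rules above, as an added example that is not part of the manual. It assumes the manual's sample rule (first eight characters of the surname), a hypothetical record layout, an assumed umlaut transliteration, and a simple heuristic for "directly derivable"; all names and sample records are constructed.

```python
import unicodedata

MAX_LOCAL = 8  # the manual's sample rule: first eight characters of the surname
# Assumed transliteration for German umlauts (the manual only says to avoid them).
UMLAUTS = str.maketrans({"ä": "ae", "ö": "oe", "ü": "ue", "ß": "ss",
                         "Ä": "ae", "Ö": "oe", "Ü": "ue"})

def expected_local_part(surname):
    """ASCII-only, lower-case local part derived from the surname."""
    folded = unicodedata.normalize("NFKD", surname.translate(UMLAUTS))
    ascii_only = folded.encode("ascii", "ignore").decode("ascii").lower()
    return "".join(c for c in ascii_only if c.isalnum())[:MAX_LOCAL]

def audit(record):
    """Return the list of rule violations for one (hypothetical) directory record."""
    findings = []
    local = record["email"].rsplit("@", 1)[0].lower()
    login = record["login"].lower()
    if not local.isascii():
        findings.append("non-ascii")
    if local != expected_local_part(record["surname"]):
        findings.append("not-per-rule")
    # Heuristic for "directly derivable": one string contains the other.
    # Only logins on externally reachable systems are in scope.
    if record["external"] and login and (login in local or local in login):
        findings.append("login-derivable")
    return findings

# Constructed sample records, not taken from the manual.
SAMPLE = [
    {"surname": "Müller", "email": "mueller@example.org",
     "login": "u48213", "external": True},
    {"surname": "Schönberger", "email": "schönber@example.org",
     "login": "u10977", "external": True},
    {"surname": "Fischer", "email": "fischer@example.org",
     "login": "fischer", "external": True},
    {"surname": "Weber", "email": "weber@example.org",
     "login": "weber", "external": False},
]

if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec["email"], audit(rec) or "ok")
```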

To impede intrusions, avoid e-mail advertisements and release as little information as possible outside the protected network, it might be advisable to assign e-mail addresses which are difficult to guess instead of addresses related directly to users and organisations (for example, surname@organization.com). However, this also makes the forwarding of addresses less convenient, and can render communications with external parties more difficult.

If e-mail addresses are modified or no longer applicable, it must be ensured that e-mail bearing the old address is transferred to the new address at least for a transitional period.

In addition to personal e-mail addresses, specific organisational and specific functional e-mail addresses can also be configured in order to guarantee proper delivery to the right department, regardless of the persons involved. This is of particular importance in the case of central gathering points.

Additional controls:

- According to which rules are e-mail addresses assigned?

IT-Baseline Protection Manual: October 2000
