IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
The key aspects from the economic standpoint are:
- Rationalisation aspects, for example using a product with transparent
encryption instead of manual activation
- Estimates as to quantities required and procurement costs
- Anticipated administration and maintenance costs
Using this survey as a basis, an operations and requirements concept as close
to practical reality as possible can be drawn up; this is then used as the starting
point for actual implementation decisions and the selection of suitable crypto
components and products (see S 2.165 Selection of a suitable cryptographic
product).
The approach described above is intended to help staff responsible for security
to determine, assess and coordinate the use of security technology in various
system localities, network gateways and terminal equipment, as well as the
extent to which the technology is to be used. In addition, the question of the
appropriateness of IT security is to be answered in the course of the planning
phase by determining the necessary degree of protection (protection
requirements). The course of action outlined here is a pragmatic approach and
takes account of security aspects in open, distributed IT infrastructures, as
found in many instances.
The investment in security viewed in this way must be economically
justifiable for the respective field of use. The mode of operation of security
strategies that are put into practice must take account of the expectations of
the end users with regard to flexibility, transparency and performance. The
security services, whether planned or integrated, must not impose any
restrictions on the end users over and above that which is necessary.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000