IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

<strong>IT</strong> <strong>Baseline</strong> <strong>Protection</strong> of Generic Components Concept of computer virus protection<br />

_________________________________________________________________________________________<br />

Organisational shortcomings:<br />

- T 2.1 Lack of, or insufficient, rules<br />

- T 2.2 Insufficient knowledge of requirements documents<br />

- T 2.3 A lack of compatible, or unsuitable, resources<br />

- T 2.4 Insufficient monitoring of <strong>IT</strong> security measures<br />

- T 2.8 Uncontrolled use of resources<br />

- T 2.9 Poor adjustment to changes in the use of <strong>IT</strong><br />

- T 2.26 Lack of, or inadequate, test and release procedures<br />

Human Failure:<br />

- T 3.3 Non-compliance with <strong>IT</strong> security measures<br />

Deliberate Acts:<br />

- T 5.2 Manipulation of data or software<br />

- T 5.21 Trojan Horses<br />

- T 5.23 Computer viruses<br />

- T 5.43 Macro viruses<br />

- T 5.80 Hoaxes<br />

Recommended Countermeasures (S)<br />

When a computer virus protection concept is created (see S 2.154 Creation of a computer virus<br />

protection concept), it must first be determined which of the available or planned <strong>IT</strong> systems are to be<br />

included in the computer virus protection concept (see S 2.155 Identification of <strong>IT</strong> systems potentially<br />

threatened by computer viruses). For these <strong>IT</strong> systems, the factors that influence the implementation of<br />

security measures must be taken into account. Based on this, the technical and organisational measures<br />

can then be selected. In this context, it is particularly important to select suitable technical<br />

countermeasures such as virus scanning programs (see S 2.156 Selection of a suitable computer virus<br />

protection strategy and S 2.157 Selection of a suitable computer virus scanning program). In addition<br />

to setting up a report body (see S 2.158 Reporting computer virus infections) and coordinating the<br />

updating of protection products used (see S 2.159 Updating the computer virus scanning programs<br />

used), a series of regulations for implementing the concept are to be agreed (see S 2.11 Regulations on<br />

computer virus protection) in which additional safeguards required for virus protection are specified.<br />

One of the most important safeguards for protecting computers against damage from viruses is regular<br />

data backup (see S 6.32 Regular data backup).<br />

For the implementation of <strong>IT</strong> baseline protection, we recommend selecting the required packages of<br />

safeguards ("modules") as described in chapters 2.3 and 2.4. Additional recommended literature is<br />

volume 2 the German <strong>Information</strong> Security Agency's series of scripts on <strong>IT</strong> security "<strong>Information</strong> on<br />

computer viruses".<br />

_________________________________________________________________________________________<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Otober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!