Guidance
- E-mail filters should detect malicious e-mails, and filtering should be configured based on the type of
message attachments so that files of the specified types are automatically processed (e.g. deleted).
- Web-filters should notify the user if a website may contain malware and potentially preventing users
from accessing that website.
The organization shall control the information flows/data flows within its critical systems
and between interconnected systems.
Guidance
Consider the following:
- Information flow may be supported, for example, by labelling or colouring physical connectors as an
aid to manual hook-up.
- Inspection of message content may enforce information flow policy. For example, a message
containing a command to an actuator may not be permitted to flow between the control network
and any other network.
- Physical addresses (e.g., a serial port) may be implicitly or explicitly associated with labels or
attributes (e.g., hardware I/O address). Manual methods are typically static. Label or attribute policy
mechanisms may be implemented in hardware, firmware, and software that controls or has device access, such as
device drivers and communications controllers.
The organization shall manage the interface for external communication services by
establishing a traffic flow policy, protecting the confidentiality and integrity of the
information being transmitted; This includes the review and documenting of each exception
to the traffic flow policy.
Centrally select and install malware detection and repair programs and update them regularly for preventive or regular scanning of computers and media.
Programs should check at least the following:
Cyber criminals can exploit configuration errors or technical vulnerabilities in applications, firewalls, or networks to access our information.
An organization must use defense-in-depth technologies to protect against, detect, and respond to cyber-attacks. The techniques should be suitable for controlling physical, logical and administrative controls.
The organization shall ensure that the monitoring and management of remote connections is automated, that remote connections are encrypted to ensure their integrity and reliability, and that remote connections pass only through approved and managed Network Access Control (NAC).
The organization must also make possible for the remote connections to be closed within a specified time.
Examples of traffic filtering and monitoring systems are firewalls, routers, intrusion detection or prevention systems (IDS / IPS) and network devices / servers / applications with similar functionalities.
To ensure the functionality of filtering and monitoring:
Endpoint security management system can be used to demand the desired security criteria from the devices before they are allowed to connect to the network resources. Devices can be laptops, smartphones, tablets or industry-specific hardware.
Criteria for the use of network resources may include e.g. approved operating system, VPN and antivirus systems, and the timeliness of these updates.
The use of the wireless network is secured with sufficient keys and the connection traffic to the network router is encrypted. The wireless network for guest use is isolated from the company's own internal network.
In Cyberday, all frameworks’ requirements are mapped into universal tasks, so you achieve multi-framework compliance effortlessly.
.png)
Elevate Your Knowledge with Exclusive Access to Weekly Webinars, Video Courses, Help Articles, and Blogs.
