Content library
CyberFundamentals (Belgium)
PR.PT-4: Communications and control networks are protected. Web and e-mail filters shall be installed and used.

How to fill the requirement

CyberFundamentals (Belgium)

PR.PT-4: Communications and control networks are protected. Web and e-mail filters shall be installed and used.

Task name
Priority
Status
Theme
Policy
Other requirements
Selection and use of malware detection software on all devices
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Technical cyber security
Malware protection
requirements

Task is fulfilling also these other security requirements

I09: Haittaohjelmasuojaus
Katakri
12.2.1: Controls against malware
ISO27 Full
12.2: Protection from malware
ISO27 Full
6.5: Tietojärjestelmien asennus, ylläpito ja päivitys
Self-monitoring
DE.CM-4: Malicious code detection
NIST
1. Task description

Centrally select and install malware detection and repair programs and update them regularly for preventive or regular scanning of computers and media.

Programs should check at least the following:

  • files received over the network or storage media are scanned for malware before use
  • email attachments and downloaded files are scanned for malware before use
  • websites are scanned for malware
Choosing and using network protection systems
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Technical cyber security
Virtualization
requirements

Task is fulfilling also these other security requirements

PR.PT-4: Communications and control networks
NIST
ARCHITECTURE-2: Implement Network Protections as an Element of the Cybersecurity Architecture
C2M2: MIL1
CC6.6: Logical access security measures against threats from sources outside system boundries
SOC 2
6.11: Alusta- ja verkkopalvelujen tietoturvallinen käyttö tietosuojan ja varautumisen kannalta
Tietoturvasuunnitelma
3.1.1: Management of secure areas
TISAX
1. Task description

Cyber criminals can exploit configuration errors or technical vulnerabilities in applications, firewalls, or networks to access our information.

An organization must use defense-in-depth technologies to protect against, detect, and respond to cyber-attacks. The techniques should be suitable for controlling physical, logical and administrative controls.

Remote connection management
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Technical cyber security
Network security
requirements

Task is fulfilling also these other security requirements

PR.AC-3: Remote access management
NIST
I-18: TURVALLISUUSLUOKITELTUJEN TIETOJEN VÄLITYS JA KÄSITTELY FYYSISESTI SUOJATTUJEN ALUEIDEN VÄLILLÄ - ETÄKÄYTTÖ JA ETÄHALLINTA
Katakri 2020
5.1.2: Information transfer
TISAX
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.
CyFun
PR.AC-3: Remote access is managed.
CyFun
1. Task description

The organization shall ensure that the monitoring and management of remote connections is automated, that remote connections are encrypted to ensure their integrity and reliability, and that remote connections pass only through approved and managed Network Access Control (NAC).

The organization must also make possible for the remote connections to be closed within a specified time.

Management of filtering and monitoring systems
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Technical cyber security
Network security
requirements

Task is fulfilling also these other security requirements

I03: Suodatus- ja valvontajärjestelmien hallinnointi
Katakri
TEK-03: Suodatus- ja valvontajärjestelmien hallinnointi
Julkri
TEK-03.2: Suodatus- ja valvontajärjestelmien hallinnointi - dokumentointi
Julkri
TEK-03.3: Suodatus- ja valvontajärjestelmien hallinnointi - tarkastukset
Julkri
TEK-03.1: Suodatus- ja valvontajärjestelmien hallinnointi - vastuutus ja organisointi
Julkri
1. Task description

Examples of traffic filtering and monitoring systems are firewalls, routers, intrusion detection or prevention systems (IDS / IPS) and network devices / servers / applications with similar functionalities.

To ensure the functionality of filtering and monitoring:

  • An owner has been appointed for the systems, who takes care of the proper operation of the system throughout the life cycle of the data processing environment
  • It is the responsibility of the system owner to add, change, and delete settings for systems that filter or control traffic
  • Documentation of the network and associated filtering and control systems is maintained throughout its lifecycle as an integral part of the change and settings management process
  • The settings and desired operation of the systems are checked periodically during the operation and maintenance of the data processing environment and in the event of exceptional situations
Endpoint security management system
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Remote work and mobile devices
Mobile device management
requirements

Task is fulfilling also these other security requirements

13.1.1: Network controls
ISO27 Full
6.2.1: Mobile device policy
ISO27 Full
PR.PT-4: Communications and control networks
NIST
HAL-19: Tietojen käsittely
Julkri
8.1: User endpoint devices
ISO27k1 Full
1. Task description

Endpoint security management system can be used to demand the desired security criteria from the devices before they are allowed to connect to the network resources. Devices can be laptops, smartphones, tablets or industry-specific hardware.

Criteria for the use of network resources may include e.g. approved operating system, VPN and antivirus systems, and the timeliness of these updates.

Protection of wireless connections
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Technical cyber security
Network security
requirements

Task is fulfilling also these other security requirements

I05: Langattomat verkot
Katakri
13.1.2: Security of network services
ISO27 Full
PR.PT-4: Communications and control networks
NIST
TEK-05: Langaton tiedonsiirto
Julkri
8.21: Security of network services
ISO27k1 Full
1. Task description

The use of the wireless network is secured with sufficient keys and the connection traffic to the network router is encrypted. The wireless network for guest use is isolated from the company's own internal network.

No items found.