Куда я попал?
Стандарт Банка России № СТО БР ИББС-1.0-2014 от 01.06.2014
Обеспечение информационной безопасности организаций банковской системы Российской Федерации - Общие положения
Р. 6 п. 6.5
Для проведения оценки соответствия по документу войдите в систему.
Похожие требования
Guideline for a healthy information system v.2.0 (EN):
4 STANDARD
/STANDARD
Each organization has sensitive data. This data can be on its own activity (intellectual property, expertise, etc.) or its customers, individuals or users (personal data, contracts, etc.). In order to effectively protect your data, identifying it is essential.
From this list of sensitive data, it will be possible to determine in which areas of the information system it is located (databases, file sharing, workstations, etc.). These components correspond to the servers and critical devices of the organization. To this end, they must be subject to specific security measures that may concern backup, logging, access, etc.
Therefore, this involves creating and maintaining a simplified network diagram (or mapping) representing the different IP areas and the associated addressing plan, the routing and security devices (firewall, application relays, etc.) and the networks with the outside (Internet, private networks, etc.) and partners. This diagram must also be able to locate the servers holding the entity’s sensitive information.
Each organization has sensitive data. This data can be on its own activity (intellectual property, expertise, etc.) or its customers, individuals or users (personal data, contracts, etc.). In order to effectively protect your data, identifying it is essential.
From this list of sensitive data, it will be possible to determine in which areas of the information system it is located (databases, file sharing, workstations, etc.). These components correspond to the servers and critical devices of the organization. To this end, they must be subject to specific security measures that may concern backup, logging, access, etc.
Therefore, this involves creating and maintaining a simplified network diagram (or mapping) representing the different IP areas and the associated addressing plan, the routing and security devices (firewall, application relays, etc.) and the networks with the outside (Internet, private networks, etc.) and partners. This diagram must also be able to locate the servers holding the entity’s sensitive information.
Связанные защитные меры
Ничего не найдено
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.