- Import restrictions: a business case and risk assessment should be provided
for each information type to be imported; al imported objects should be screened
for recognisable structures such as virus signatures. An anti-virus strategy with
timely updates incorporating anti-virus products (the use of two products should
be considered) should be implemented, subjecting imported information objects
to content analysis. Al import requests shal be recorded to meet specified audit
requirements enabling trend analysis to be performed. Website access should be
granted explicitly subject to a business case, and limited to known and `trusted'
sites. Active web content should be removed on import or executed in a
control ed safe space. E-mail attachments should be limited to permitted types.
Email this to a friend.
Previous item —