Basic protection

Regardless of how sensitive the data and applications are on the server you are operating, a certain level of basic protection has to be ensured.

Even if you have little concern about the data or applications stored there, you should always keep in mind that an IT environment is only as strong as its weakest link. With insufficient protection measures in place, your server could eventually become an easy target for hackers, who could use it as a base to further infiltrate the TUM IT infrastructure.

Suggested measures

Security measures can be put into different categories:

  • Physical security measures, such as lock systems and access control mechanisms
  • Personnel-based security measures (training and education programs, awareness campaigns)
  • Administrative security measures (recognizing security-relevant incidents, reviewing incident logs)
  • Measures that target the secure storage of the media (data, information)
  • Electromagnetic radiation safeguards that help prevent information eavesdropping
  • Monitoring system development cycles (reviewing the design, implementation and introduction of new IT systems to identify potential vulnerabilities)
  • System security measures
  • Communications and network security measures

BSI IT-Grundschutz Catalogues

The German Federal Ministry for Information Security (BSI) offers comprehensive support for implementing information security measures that ensure a standard level of protection.

Find the IT-Grundschutz Catalogues at: www.bsi.bund.de/EN/Topics/ITGrundschutz/ITGrundschutzCatalogues/itgrundschutzcatalogues_node.html

 

M 3.101 General server, supplemented with modules for Unix and Windows servers (among others), appears to be a good first step.

M 3.101 General server: Planning and design provides important information regarding the issues that have to be taken into consideration when planning IT security measures.