|
+HR-07.01B |
1. ÜbersichtHR-07.01BPolicies and procedures for the protection of information when personnel works remotely are documented, communicated and provided in accordance with SP-01 and address the following aspects:1. Establishing guidelines for the personnel for the safe handling and storage of sensitive information and data types; 2. Definition of remote access security requirements; 3. Utilisation of secure communication methods and enforcement of secure network use (e.g., VPN usage, endpoint protection, multi-factor authentication, secure communication channels); and 4. Provision of organisation-approved equipment and prohibition of unregulated personal devices. Please note that this criterion refers to off-site working places whereas PS-08.01B addresses security requirements for on-site office workplaces. The guidelines for the personnel for safe handling and storage of sensitive information and data types refer to organisational measures the personnel is obligated to follow. Remote access security requirements refer to technical measures like e.g. MFA and VPN and also rules for the particular work place that follow from general considerations about working e.g. in public places where the screen can be spied on.
1.1 Referenzen1.2 Identifizierte Anforderungen1.2 Related Regulation2. Identifizierte Anforderungen
3. Related Regulations
|