OPS-34.02B

1. Overview

The policies and procedures describe measures along the life cycle of containers and address at least the following aspects:

1. Containers are inventoried according to a documented process (cf. AM-02, AM-03, AM-09);
2. The need for malware protection is assessed and, if necessary, ensured (cf. OPS-05);
3. Logging and monitoring of events takes place along the container lifecycle and is executed according to a defined logging framework (cf. OPS-10, OPS-12);
4. Cloud service customer data is separated based on a risk assessment (cf. OPS-30);
5. Access to the container host should take place in accordance with a roles and rights framework and a policy for managing access and access authorisations (cf. IAM-01, IAM-06);
6. Data stored on containers and data in transit should be encrypted as far as possible by the provider in accordance with the encryption policy (cf. CRY-01);
7. Measures to ensure network security are established. This includes, for example, measures to detect network anomalies (cf. COS-01 and COS-03) such as unexpected data flows within the network or unwanted access attempts;
8. Changes to containers and images follow a regulated process (cf. DEV-03); and
9. Hardening processes are carried out according to general industry standards to ensure that no unnecessary system services are executed (cf. PSS-11).

1.1 References
1.2 Identified Requirements
1.2 Related Regulation
2. Identified Requirements
3. Related Regulations